dedicated-worker-cache-storage.https.html

Enable keyboard shortcuts

This test has a WPT meta file that expects 7 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /html/cross-origin-embedder-policy/dedicated-worker-cache-storage.https.html - WPT Dashboard Interop Dashboard

<!doctype html>

<html>

<title> Check enforcement of COEP in a DedicatedWorker using CacheStorage. </title>

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

<script src="/common/get-host-info.sub.js"></script>

<script>

// See also: ./shared-worker-cache-storage.https.html

function remote(path) {

  const REMOTE_ORIGIN = get_host_info().HTTPS_REMOTE_ORIGIN;

  return new URL(path, REMOTE_ORIGIN);

const iframe_path = "./resources/iframe.html?pipe=";

const dedicated_worker_path = "./universal-worker.js?pipe=";

const ressource_path = "/images/blue.png?pipe=";

const coep_header= {

  "coep-none"         : "",

  "coep-require-corp" : "|header(Cross-Origin-Embedder-Policy,require-corp)",

const corp_header = {

  "corp-undefined": "",

  "corp-cross-origin": "|header(Cross-Origin-Resource-Policy,cross-origin)",

// Check enforcement of COEP in a DedicatedWorker using CacheStorage.

//

// 1) Fetch a response from a document with COEP:none. Store it in the

//    CacheStorage. The response is cross-origin without any CORS header.

// 2) From an iframe, start a DedicatedWorker and try to retrieve the response

//    from the CacheStorage.

//

// Test parameters:

// - |iframe_coep| the COEP header of the iframe's document response

// - |worker_coep| the COEP header of the DedicatedWorker's script response.

// - |response_corp| the CORP header of the response.

//

// Test expectations:

// |result|

//   - "success" when the worker is able to fetch the response from the

//     CacheStorage,

//   - "failure" when the worker is not able to fetch the response from the

//     CacheStorage, and

//   - "error" when it is unable to create a worker.

// https://mikewest.github.io/corpp/#initialize-embedder-policy-for-global

function check(

  // Test parameters:

  iframe_coep,

  worker_coep,

  response_corp,

  // Test expectations:

  result) {

  promise_test(async (t) => {

    // 1) Fetch a response from a document with COEP:none. Store it in the

    //    CacheStorage. The response is cross-origin without any CORS header.

    const resource_path = ressource_path + corp_header[response_corp];

    const resource_url = remote(resource_path);

    const fetch_request = new Request(resource_url, {mode: 'no-cors'});

    const cache = await caches.open('v1');

    const fetch_response = await fetch(fetch_request);

    await cache.put(fetch_request, fetch_response);

    // 2) From an iframe, start a DedicatedWorker and try to retrieve the

    //    response from the CacheStorage.

    const worker_url = dedicated_worker_path + coep_header[worker_coep];

    const worker_eval = `

      (async function() {

        const cache = await caches.open('v1');

        const request = new Request('${resource_url}', {

          mode: 'no-cors'

});

        try {

          const response = await cache.match(request);

          postMessage('success');

        } catch(error) {

          postMessage('failure');

      })()

`;

    const iframe_url = iframe_path + coep_header[iframe_coep];

    const iframe_eval = `

      (async function() {

        const w = new Worker('${worker_url}');

        const worker_response = new Promise(resolve => w.onmessage = resolve);

        w.onerror = () => parent.postMessage('error');

        w.postMessage(\`${worker_eval}\`);

        const response = await worker_response;

        parent.postMessage(response.data);

      })();

`;

    const iframe = document.createElement("iframe");

    t.add_cleanup(() => iframe.remove());

    iframe.src = iframe_url;

    const iframe_loaded = new Promise(resolve => iframe.onload = resolve);

    document.body.appendChild(iframe);

    await iframe_loaded;

    const iframe_response = new Promise(resolve => {

      window.addEventListener("message", resolve);

})

    iframe.contentWindow.postMessage(iframe_eval);

    const {data} = await iframe_response;

    assert_equals(data, result);

  }, `${iframe_coep} ${worker_coep} ${response_corp}`)

// -----------------------------------------------------------------------------

//    iframe_coep         , worker_coep         , response_corp       , loaded

// -----------------------------------------------------------------------------

check("coep-none"         , "coep-none"         , "corp-cross-origin" , "success");

check("coep-none"         , "coep-none"         , "corp-undefined"    , "success");

check("coep-none"         , "coep-require-corp" , "corp-cross-origin" , "success");

check("coep-none"         , "coep-require-corp" , "corp-undefined"    , "failure");

check("coep-require-corp" , "coep-none"         , "corp-cross-origin" , "error");

check("coep-require-corp" , "coep-none"         , "corp-undefined"    , "error");

check("coep-require-corp" , "coep-require-corp" , "corp-cross-origin" , "success");

check("coep-require-corp" , "coep-require-corp" , "corp-undefined"    , "failure");

</script>

</html>