iframe-failed-commit.html

Enable keyboard shortcuts

This test has a WPT meta file that expects 12 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /resource-timing/iframe-failed-commit.html - WPT Dashboard Interop Dashboard

<!DOCTYPE html>

<html>

<head>

<meta charset="utf-8" />

<title>Resource Timing - test that unsuccessful iframes create entries</title>

<meta name="timeout" content="long">

<link rel="author" title="Google" href="http://www.google.com/" />

<link rel="help" href=

  "https://www.w3.org/TR/resource-timing-2/#resources-included-in-the-performanceresourcetiming-interface"/>

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

<script src="/common/get-host-info.sub.js"></script>

<script src="resources/entry-invariants.js"></script>

<script src="resources/resource-loaders.js"></script>

<body>

<script>

// Like load.iframe but fetches the iframe under a "default-src 'none'"

// Content-Security-Policy.

const load_iframe_with_csp = async path => {

  return load.iframe_with_attrs(path, {"csp": "default-src 'none'"});

};

const load_iframe_with_csp_no_navigation = async path => {

  return load.iframe_with_attrs(path, {"csp": "default-src 'none'"}, () => {}, true);

// Runs a test (labeled by the given label) to verify that loading an iframe

// with the given URL generates a PerformanceResourceTiming entry and that the

// entry does not expose sensitive timing attributes.

const masked_entry_test = (url, label) => {

  return attribute_test(load.iframe, url,

    invariants.assert_tao_failure_resource, label);

};

// Runs a test (labeled by the given label) to verify that loading an iframe

// with the given URL generates a PerformanceResourceTiming entry and that the

// entry does expose sensitive timing attributes.

const unmasked_entry_with_csp_test = (url, label) => {

  return attribute_test(load_iframe_with_csp, url,

    invariants.assert_tao_pass_no_redirect_http, label);

};

// Runs a test (labeled by the given label) to verify that loading an iframe

// with the given URL under a "default-src 'none' Content-Security-Policy

// generates a PerformanceResourceTiming entry and that the entry does not

// expose sensitive timing attributes.

const masked_entry_with_csp_test = (url, label) => {

  return attribute_test(load_iframe_with_csp, url,

    invariants.assert_tao_failure_resource, label);

};

// Runs a test (labeled by the given label) to verify that loading an iframe

// with the given URL under a "default-src 'none' Content-Security-Policy

// generates a PerformanceResourceTiming entry and that the entry does not

// expose sensitive timing attributes.

const non_navigating_masked_entry_with_csp_test = (url, label) => {

  return attribute_test(load_iframe_with_csp_no_navigation, url,

    invariants.assert_tao_failure_resource, label);

};

const {REMOTE_ORIGIN, ORIGINAL_HOST, HTTPS_PORT} = get_host_info();

const unhosted_url = `https://nonexistent.${ORIGINAL_HOST}:${HTTPS_PORT}/`;

masked_entry_test(

  unhosted_url,

  "Test iframe from non-existent host gets reported");

masked_entry_test(

  "/resource-timing/resources/fake_responses.py?redirect=" + unhosted_url,

  "Test iframe redirecting to non-existent host gets reported");

unmasked_entry_with_csp_test("/resource-timing/resources/csp-default-none.html",

  "Same-origin iframe that complies with CSP attribute gets reported");

// masked because this will load an error page which is cross-origin.

masked_entry_with_csp_test("/resource-timing/resources/green-frame.html",

  "Same-origin iframe that doesn't comply with CSP attribute gets reported");

masked_entry_with_csp_test(

  new URL("/resource-timing/resources/csp-default-none.html", REMOTE_ORIGIN),

  "Cross-origin iframe that complies with CSP attribute gets reported");

masked_entry_with_csp_test(

  new URL("/resource-timing/resources/green-frame.html", REMOTE_ORIGIN),

  "Cross-origin iframe that doesn't comply with CSP attribute gets reported");

masked_entry_with_csp_test(

  "/resource-timing/resources/200_empty.asis",

  "Same-origin empty iframe with a 200 status gets reported");

masked_entry_with_csp_test(

  new URL("/resource-timing/resources/200_empty.asis", REMOTE_ORIGIN),

  "Cross-origin empty iframe with a 200 status gets reported");

non_navigating_masked_entry_with_csp_test(

    new URL("/resource-timing/resources/204_empty.asis", location.origin),

    "Same-origin empty iframe with a 204 status gets reported");

non_navigating_masked_entry_with_csp_test(

    new URL("/resource-timing/resources/205_empty.asis", location.origin),

    "Same-origin empty iframe with a 205 status gets reported");

non_navigating_masked_entry_with_csp_test(

    new URL("/resource-timing/resources/204_empty.asis", REMOTE_ORIGIN),

    "Cross-origin empty iframe with a 204 status gets reported");

non_navigating_masked_entry_with_csp_test(

    new URL("/resource-timing/resources/205_empty.asis", REMOTE_ORIGIN),

    "Cross-origin empty iframe with a 205 status gets reported");

</script>

</body>

</html>