cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html

Enable keyboard shortcuts

This WPT test may be referenced by the following Test IDs:
- /shared-storage/cross-origin-create-worklet-failure-missing-access-control-allow-origin.tentative.https.sub.html - WPT Dashboard Interop Dashboard

<!doctype html>

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

<script src="/common/utils.js"></script>

<script src="/shared-storage/resources/util.js"></script>

<script src="/fenced-frame/resources/utils.js"></script>

<body>

<script>

'use strict';

const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';

promise_test(async t => {

  const ancestor_key = token();

  const helper_url = crossOrigin +

                     `/shared-storage/resources/credentials-test-helper.py` +

                     `&access_control_allow_credentials_header=true` +

                     `&token=${ancestor_key}`;

  return promise_rejects_dom(t, "OperationError",

    sharedStorage.createWorklet(

      helper_url + `&action=store-cookie`,

      { credentials: "include" }));

}, 'createWorklet() with cross-origin module script, credentials ' +

   '"include", default data origin (context origin), and without ' +

   'Access-Control-Allow-Origin response header');

promise_test(async t => {

  const ancestor_key = token();

  const helper_url = crossOrigin +

                     `/shared-storage/resources/credentials-test-helper.py` +

                     `&access_control_allow_credentials_header=true` +

                     `&token=${ancestor_key}`;

  return promise_rejects_dom(t, "OperationError",

    sharedStorage.createWorklet(

      helper_url + `&action=store-cookie`,

      { credentials: "include", dataOrigin: "context-origin" }));

}, 'createWorklet() with cross-origin module script, credentials ' +

   '"include", "context-origin" as dataOrigin, and without the ' +

   'Access-Control-Allow-Origin response header');

promise_test(async t => {

  const ancestor_key = token();

  const helper_url = crossOrigin +

                     `/shared-storage/resources/credentials-test-helper.py` +

                     `&access_control_allow_credentials_header=true` +

                     `&shared_storage_cross_origin_worklet_allowed_header=?1` +

                     `&token=${ancestor_key}`;

  return promise_rejects_dom(t, "OperationError",

    sharedStorage.createWorklet(

      helper_url + `&action=store-cookie`,

      { credentials: "include", dataOrigin: "script-origin" }));

}, 'createWorklet() with cross-origin module script, credentials ' +

   '"include", "script-origin" as dataOrigin, and without the ' +

   'Access-Control-Allow-Origin response header');

</script>

</body>