Source code
Revision control
Copy as Markdown
Other Tools
Test Info:
- This WPT test may be referenced by the following Test IDs:
- /shared-storage/cross-origin-create-worklet-false-shared-storage-cross-origin-worklet-allowed.tentative.https.sub.html - WPT Dashboard Interop Dashboard
<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/utils.js"></script>
<script src="/shared-storage/resources/util.js"></script>
<script src="/fenced-frame/resources/utils.js"></script>
<body>
<script>
'use strict';
const helperUrlBase = crossOrigin +
`/shared-storage/resources/credentials-test-helper.py`;
promise_test(async t => {
const ancestor_key = token();
const helper_url = helperUrlBase +
`?access_control_allow_origin_header=${window.origin}` +
`&access_control_allow_credentials_header=true` +
`&shared_storage_cross_origin_worklet_allowed_header=?0` +
`&token=${ancestor_key}`;
await sharedStorage.createWorklet(
helper_url + `&action=store-cookie`,
{ credentials: "include" });
}, 'createWorklet() with cross-origin module script, credentials ' +
'"include", default data origin (context origin), and with the ' +
'Shared-Storage-Cross-Origin-Worklet-Allowed response header value ' +
'set to false (?0)');
promise_test(async t => {
const ancestor_key = token();
const helper_url = helperUrlBase +
`?access_control_allow_origin_header=${window.origin}` +
`&access_control_allow_credentials_header=true` +
`&shared_storage_cross_origin_worklet_allowed_header=?0` +
`&token=${ancestor_key}`;
await sharedStorage.createWorklet(
helper_url + `&action=store-cookie`,
{ credentials: "include", dataOrigin: "context-origin" });
}, 'createWorklet() with cross-origin module script, credentials ' +
'"include", "context-origin" as dataOrigin, and with the ' +
'Shared-Storage-Cross-Origin-Worklet-Allowed response header value ' +
'set to false (?0)');
promise_test(async t => {
const ancestor_key = token();
const helper_url = helperUrlBase +
`?access_control_allow_origin_header=${window.origin}` +
`&access_control_allow_credentials_header=true` +
`&shared_storage_cross_origin_worklet_allowed_header=?0` +
`&token=${ancestor_key}`;
return promise_rejects_dom(t, "OperationError",
sharedStorage.createWorklet(
helper_url + `&action=store-cookie`,
{ credentials: "include", dataOrigin: "script-origin" }));
}, 'createWorklet() with cross-origin module script, credentials ' +
'"include", "script-origin" as dataOrigin, and with the ' +
'Shared-Storage-Cross-Origin-Worklet-Allowed response header value ' +
'set to false (?0)');
</script>
</body>