createcredential-nested-frame.https.html

Enable keyboard shortcuts

This test has a WPT meta file that expects 1 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /webauthn/createcredential-nested-frame.https.html - WPT Dashboard Interop Dashboard

<!DOCTYPE html>

<meta charset="utf-8">

<title>WebAuthn credential.create() in a nested frame</title>

<link rel="help" href="https://w3c.github.io/webauthn/#publickey-credentials-create-feature">

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

<script src="/resources/testdriver.js"></script>

<script src="/resources/testdriver-vendor.js"></script>

<script src="/resources/common-inputs.js"></script>

<script src=helpers.js></script>

<body></body>

<script>

  standardSetup(function () {

    "use strict";

    const CREATE_CREDENTIALS = `

      navigator.credentials.create({

        publicKey: {

          challenge: Uint8Array.from([]),

          rp: { name: "rp" },

          user: { id: Uint8Array.from([]), name: "marisa", displayName: "Marisa" },

          pubKeyCredParams: [{type: "public-key", alg: -7}],

      }).then(c => window.parent.postMessage("OK", "*"))

        .catch(e => window.parent.postMessage("Error: " + e.toString(), "*"));

`;

    promise_test(async t => {

      const frame = document.createElement("iframe");

      const loadPromise = new EventWatcher(t, frame, "load").wait_for("load");

      document.body.append(frame);

      await loadPromise;

      frame.contentWindow.location = "javascript:" + CREATE_CREDENTIALS;

      const messageWatcher = new EventWatcher(t, window, "message");

      const { data } = await messageWatcher.wait_for("message");

      assert_equals(data, "OK");

    }, "navigator.credentials.create({publicKey}) in a javascript url should should succeed.");

    promise_test(async t => {

      let frame = document.createElement("iframe");

      const loadPromise = new EventWatcher(t, frame, "load").wait_for("load");

      frame.srcdoc = "";

      document.body.append(frame);

      await loadPromise;

      frame.contentWindow.eval(CREATE_CREDENTIALS);

      let eventWatcher = new EventWatcher(t, window, "message");

      const { data } = await eventWatcher.wait_for("message");

      assert_equals(data, "OK");

    }, "navigator.credentials.create({publicKey}) in srcdoc should succeed.");

    promise_test(async t => {

      let frame = document.createElement("iframe");

      const loadPromise = new EventWatcher(t, frame, "load").wait_for("load");

      frame.src = "about:blank";

      document.body.append(frame);

      await loadPromise;

      frame.contentDocument.write("<script>" + CREATE_CREDENTIALS + "<\/script>");

      let eventWatcher = new EventWatcher(t, window, "message");

      const { data } = await eventWatcher.wait_for("message");

      assert_equals(data, "OK");

    }, "navigator.credentials.create({publicKey}) in about:blank embedded in a secure context should succeed.");

    promise_test(async t => {

      let frame = document.createElement("iframe");

      const eventWatcher = new EventWatcher(t, window, "message");

      frame.src = "resources/webauthn-subframe.sub.html";

      document.body.append(frame);

      assert_equals((await eventWatcher.wait_for("message")).data.type, "subframe-loaded");

      frame.contentWindow.postMessage({ type: "create-credential", addUserActivation: false });

      const { data } = await eventWatcher.wait_for("message");

      assert_equals(data.result, "success", "Error: " + data.error);

    }, "navigator.credentials.create({publicKey}) in a same-origin frame should succeed without requiring user activation.");

  }, {

    protocol: "ctap2_1",

    hasUserVerification: true,

    isUserVerified: true,

});

</script>