sessionStorage-basic-partitioned.tentative.sub.html

Enable keyboard shortcuts

This test has a WPT meta file that expects 1 subtest issues.
This WPT test may be referenced by the following Test IDs:
- /webstorage/sessionStorage-basic-partitioned.tentative.sub.html - WPT Dashboard Interop Dashboard

<!doctype html>

<meta charset=utf-8>

<title>sessionStorage: partitioned storage test</title>

<meta name=help href="https://privacycg.github.io/storage-partitioning/">

<script src="/resources/testharness.js"></script>

<script src="/resources/testharnessreport.js"></script>

<iframe id="shared-iframe" src="http://{{host}}:{{ports[http][0]}}/webstorage/resources/sessionStorage-about-blank-partitioned-iframe.html"></iframe>

<body>

<script>

// Here's the set-up for this test:

// Step 1. (main window) set up messaging and same-site iframe load listeners.

// Step 2. (same-site iframe) loads, requests sessionStorage for "userID".

// Step 3. (same-site iframe) receives the message, gets or allocates sessionStorage,

// and returns the generated ID to the main frame.

// Step 4. (main window) receives "storage got set" message from same-site iframe.

// Step 5. (main window) opens a new cross-site window with the shared-iframe inside.

// Step 6. (cross-site iframe) loads, requests sessionStorage for "userID", gets or

// allocates that sessionStorage, and returns the generated ID to the main frame.

// Step 7. (main window) asserts that the generated IDs should be different, as

// they should have a different StorageKey.

const altOrigin = "http://{{hosts[alt][]}}:{{ports[http][0]}}";

async_test(t => {

  let crossSiteWindow;

  let crossSiteID;

  let sameSiteID;

  // Retrieve the iframe we created in the HTML above.

  const iframe = document.getElementById("shared-iframe");

  // Once the iframe loads, we request sessionStorage.

  iframe.addEventListener("load", t.step_func(e => {

    const payload = {

      command: "create ID",

      key: "userID",

};

    iframe.contentWindow.postMessage(payload, iframe.origin);

  }), {once: true});

  window.addEventListener("message", t.step_func(e => {

    // Once we get or allocate the sessionStorage, we expect the iframe

    // to message us back with the generated ID.

    if (e.data.message === "ID created") {

      sameSiteID = e.data.userID;

      assert_true(typeof sameSiteID === "string");

      // Now that same-site storage has been secured, we need to open a

      // new cross-site window that contains our shared-iframe to repeat

      // the process in a cross-site environment.

      if (location.origin !== altOrigin) {

        crossSiteWindow = window.open(`${altOrigin}/webstorage/sessionStorage-basic-partitioned.tentative.sub.html`, "", "noopener=false");

        t.add_cleanup(() => crossSiteWindow.close());

    // We expect that once the cross-site iframe requests sessionStorage,

    // it will message us back with the generated ID.

    if (e.data.message === "cross-site window iframe loaded") {

      crossSiteID = e.data.userID;

      t.step(() => {

        // Same and cross-site iframes should have different generated IDs.

        assert_true(typeof crossSiteID === "string");

        assert_true(sameSiteID !== crossSiteID, "IDs pulled from two partitioned iframes are different.")

});

      // Clear storage state to clean up after the test.

      iframe.contentWindow.sessionStorage.clear();

      crossSiteWindow.postMessage({command: "clearStorage"}, altOrigin);

      t.done();

};

  }));

}, "Simple test for partitioned sessionStorage");

</script>

</body>