| Index: LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker.html
|
| diff --git a/LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker.html b/LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..ca1001b3d30a207fb3919cbabc05c1edd373b371
|
| --- /dev/null
|
| +++ b/LayoutTests/http/tests/serviceworker/chromium/sandboxed-iframe-navigator-serviceworker.html
|
| @@ -0,0 +1,87 @@
|
| +<!DOCTYPE html>
|
| +<title>Accessing navigator.serviceWorker in sandboxed iframe.</title>
|
| +<script src="../../resources/testharness.js"></script>
|
| +<script src="../../resources/testharnessreport.js"></script>
|
| +<script src="../resources/test-helpers.js"></script>
|
| +<body>
|
| +<script>
|
| +
|
| +function with_sandboxed_iframe(url, sandbox) {
|
| + return new Promise(function(resolve) {
|
| + var frame = document.createElement('iframe');
|
| + frame.sandbox = sandbox;
|
| + frame.src = url;
|
| + frame.onload = function() { resolve(frame); };
|
| + document.body.appendChild(frame);
|
| + });
|
| +}
|
| +
|
| +var lastCallbackId = 0;
|
| +var callbacks = {};
|
| +function postMassageAndWaitResult(frame) {
|
| + return new Promise(function(resolve) {
|
| + var id = ++lastCallbackId;
|
| + callbacks[id] = resolve;
|
| + frame.contentWindow.postMessage({id:id}, '*');
|
| + });
|
| +}
|
| +
|
| +window.onmessage = function (e) {
|
| + message = e.data;
|
| + var id = message['id'];
|
| + var calback = callbacks[id];
|
| + delete callbacks[id];
|
| + calback(message['result']);
|
| +};
|
| +
|
| +promise_test(function(t) {
|
| + var url = 'resources/sandboxed-iframe-navigator-serviceworker-iframe.html';
|
| + var frame;
|
| + return with_iframe(url)
|
| + .then(function(f) {
|
| + frame = f;
|
| + return postMassageAndWaitResult(f);
|
| + })
|
| + .then(function(result) {
|
| + frame.remove();
|
| + assert_equals(result, 'ok');
|
| + t.done();
|
| + });
|
| + }, 'Accessing navigator.serviceWorker in normal iframe should not throw.');
|
| +
|
| +promise_test(function(t) {
|
| + var url = 'resources/sandboxed-iframe-navigator-serviceworker-iframe.html';
|
| + var frame;
|
| + return with_sandboxed_iframe(url, 'allow-scripts')
|
| + .then(function(f) {
|
| + frame = f;
|
| + return postMassageAndWaitResult(f);
|
| + })
|
| + .then(function(result) {
|
| + frame.remove();
|
| + assert_equals(
|
| + result,
|
| + 'SecurityError: Failed to read the \'serviceWorker\' property from \'Navigator\': Service worker is disabled because the context is sandboxed and lacks the \'allow-same-origin\' flag.');
|
| + t.done();
|
| + });
|
| + }, 'Accessing navigator.serviceWorker in sandboxed iframe should throw.');
|
| +
|
| +promise_test(function(t) {
|
| + var url = 'resources/sandboxed-iframe-navigator-serviceworker-iframe.html';
|
| + var frame;
|
| + return with_sandboxed_iframe(url, 'allow-scripts allow-same-origin')
|
| + .then(function(f) {
|
| + frame = f;
|
| + return postMassageAndWaitResult(f);
|
| + })
|
| + .then(function(result) {
|
| + frame.remove();
|
| + assert_equals(result, 'ok');
|
| + t.done();
|
| + });
|
| + },
|
| + 'Accessing navigator.serviceWorker in sandboxed iframe with ' +
|
| + 'allow-same-origin flag should not throw.');
|
| +
|
| +</script>
|
| +</body>
|
|
|
Chromium Code Reviews
Issue 1199183002:
Throw a SecurityError when navigator.serviceWorker is accessed in a sandboxed iframe. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master