Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Unified Diff: third_party/WebKit/LayoutTests/http/tests/cookies/same-site/popup-cross-site.html

Issue 1783813002: SameSite: Strict/Lax behavior. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@strict-lax
Patch Set: Comment. Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/http/tests/cookies/same-site/popup-cross-site.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/cookies/same-site/popup-cross-site.html b/third_party/WebKit/LayoutTests/http/tests/cookies/same-site/popup-cross-site.html
new file mode 100644
index 0000000000000000000000000000000000000000..52db692bbfe3a2a3ef50acc4b0ba0a50a266f294
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/cookies/same-site/popup-cross-site.html
@@ -0,0 +1,26 @@
+<!doctype html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/cookies/resources/testharness-helpers.js"></script>
+<script>
+// Set cookies on ORIGINAL_HOST, then move ourselves to TEST_ROOT so
+// we can verify cross-origin behavior.
+if (window.location.hostname == ORIGINAL_HOST) {
+ clearKnownCookies();
+ document.cookie = STRICT_DOM + "=1; SameSite=Strict; Max-Age=100; path=/";
+ document.cookie = LAX_DOM + "=1; SameSite=Lax; Max-Age=100; path=/";
+ document.cookie = NORMAL_DOM + "=1; Max-Age=100; path=/";
+ window.location.hostname = TEST_HOST;
+} else {
+ async_test(t => {
+ var i = window.open("http://" + ORIGINAL_HOST + ":8000/cookies/resources/post-cookies-to-opener.php");
+ window.addEventListener("message", t.step_func_done(e => {
+ assert_equals(e.data.http[STRICT_DOM], undefined, "strict");
+ assert_equals(e.data.http[LAX_DOM], "1", "lax");
+ assert_equals(e.data.http[NORMAL_DOM], "1", "normal");
+ // TODO(mkwst): This should exclude the strict cookie.
+ assert_equals(e.data.document, STRICT_DOM + "=1; " + LAX_DOM + "=1; " + NORMAL_DOM + "=1");
+ }));
+ }, "'" + ORIGINAL_HOST + "' is not same-site with '" + TEST_HOST + "', so strict samesite cookies are not sent.");
+}
+</script>

Powered by Google App Engine
This is Rietveld 408576698