Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(233)

Unified Diff: third_party/WebKit/LayoutTests/http/tests/serviceworker/insecure-parent-frame.html

Issue 2009453002: service worker: Don't control a subframe of an insecure context (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: refactor errorMessage Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/http/tests/serviceworker/insecure-parent-frame.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/serviceworker/insecure-parent-frame.html b/third_party/WebKit/LayoutTests/http/tests/serviceworker/insecure-parent-frame.html
new file mode 100644
index 0000000000000000000000000000000000000000..5f0cb068c3bf9d62cf1586d4dce3c2e5c99bc8de
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/serviceworker/insecure-parent-frame.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<script src="../resources/testharness.js"></script>
+<script src="../resources/testharnessreport.js"></script>
+<script src="../resources/get-host-info.js?pipe=sub"></script>
+<script src="resources/test-helpers.js"></script>
+<title>Page Title</title>
+<body></body>
+<script>
+var host_info = get_host_info();
+
+var saw_message = new Promise(resolve => {
+ window.addEventListener('message', e => resolve(e.data));
+ });
+
+// This test registers a service worker, then creates an in-scope
+// https iframe inside an insecure http iframe. The in-scope iframe
+// communicates whether it has a controller to the top-level frame.
+promise_test(t => {
+ var script = 'resources/empty-worker.js';
+ var scope = 'resources/insecure-inscope';
+ return service_worker_unregister_and_register(t, script, scope)
+ .then(reg => {
+ add_completion_callback(() => reg.unregister());
+ return wait_for_state(t, reg.installing, 'activated');
+ })
+ .then(() => {
+ var url = host_info.UNAUTHENTICATED_ORIGIN +
+ '/serviceworker/resources/insecure-parent.html';
+ return with_iframe(url);
+ })
+ .then(() => saw_message)
+ .then(data => assert_equals(data, 'PASS'));
+ }, 'Service worker does not control the subframe of an insecure frame');
+</script>

Powered by Google App Engine
This is Rietveld 408576698