Upstream Service Worker window test to WPT

third_party/WebKit/LayoutTests/external/wpt/service-workers/service-worker/insecure-parent-window.https.html

+<!DOCTYPE html>
+<meta charset="utf-8">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="resources/test-helpers.sub.js"></script>
+<title>Insecure parent window test</title>
+<body></body>
+<script>
+// Asks |worker| to call clients.claim. Returns a promise that resolves when
+// the worker acks that claim finished.
+function wait_for_claim(worker) {
+  var saw_message = new Promise(resolve => {
+      var channel = new MessageChannel();
+      channel.port1.onmessage = (e => resolve(e.data));
+      worker.postMessage({port: channel.port2}, [channel.port2]);
+    });
+
+  return saw_message.then(data => {
+      assert_equals(data, 'PASS', 'claim should finish');
+    });
+}
+
+// Asks |win| whether it has a controller. Returns a promise that resolves if
+// controller was null.
+function assert_no_controller(win, description) {
+  var saw_message = new Promise(resolve => {
+      window.onmessage = (e => resolve(e.data));
+      win.postMessage('', '*');
+    });
+
+  return saw_message.then(data => assert_equals(data, 'PASS', description));
+}
+
+function with_window(url) {
+  return new Promise(function(resolve) {
+      var win = open(url);
+      window.addEventListener('message', function onLoad(event) {
+          if (event.source !== win) {
+            return;
+          }
+
+          window.removeEventListener('message', onload);
+          // Reference must be boxed so that internal Promise mechanism does
+          // not trigger error when referencing the `then` property of the
+          // resolution value.
+          resolve([win]);
+        }, false);
+    });
+}
+
+// This test creates HTTPS iframes inside insecure HTTP windows. It registers a
+// service worker that should not control the in-scope iframes. The iframes
+// communicate whether they have a controller to their parent, which forwards
+// the message to the top-level test document.
+promise_test(t => {
+    var script = 'resources/claim-worker.js';
+    var scope = 'resources/insecure-inscope';
+    var registration;
+    var insecure_url = get_host_info().UNAUTHENTICATED_ORIGIN +
+              '/service-workers/service-worker/resources/insecure-parent-window.html';
+    var pre_registration_window;
+    var post_registration_window;
+
+    return navigator.serviceWorker.getRegistration(scope)
+      // Unregister.
+      .then(reg => {
+          if (reg) {
+            return reg.unregister();
+          }
+        })
+
+      // Create a window prior to registration.
+      .then(() => with_window(insecure_url))
+
+      // Register.
+      .then(boxed_window => {
+          pre_registration_window = boxed_window[0];
+          t.add_cleanup(() => pre_registration_window.close());
+          return navigator.serviceWorker.register(script, {scope:scope});
+        })
+      .then(reg => {
+          registration = reg;
+          return wait_for_state(t, registration.installing, 'activated');
+        })
+
+      // Create a window after registration.
+      .then(() => with_window(insecure_url))
+      .then(boxed_window => {
+          post_registration_window = boxed_window[0];
+          t.add_cleanup(() => post_registration_window.close());
+        })
+      // Check that no window is controlled.
+      .then(() => assert_no_controller(pre_registration_window,
+                      'pre_registration_window should not be controlled'))
+      .then(() => assert_no_controller(post_registration_window,
+                      'post_registration_window should not be controlled'))
+
+      // Attempt to claim. The windows should still have no controllers.
+      .then(() => wait_for_claim(registration.active))
+      .then(() => assert_no_controller(pre_registration_window,
+                      'pre_registration_window should not be claimed'))
+      .then(() => assert_no_controller(post_registration_window,
+                      'post_registration_window should not be claimed'));
+  }, 'Service worker does not control a subframe of an insecure window');
+</script>