| OLD | NEW |
|---|
| (Empty) |
| 1 <!DOCTYPE html> | |
| 2 <meta charset="utf-8"> | |
| 3 <script src="../resources/testharness.js"></script> | |
| 4 <script src="../resources/testharnessreport.js"></script> | |
| 5 <script src="../resources/get-host-info.js?pipe=sub"></script> | |
| 6 <script src="resources/test-helpers.js"></script> | |
| 7 <title>Insecure parent frame test</title> | |
| 8 <body></body> | |
| 9 <script> | |
| 10 // Asks |worker| to call clients.claim. Returns a promise that resolves when | |
| 11 // the worker acks that claim finished. | |
| 12 function wait_for_claim(worker) { | |
| 13 var saw_message = new Promise(resolve => { | |
| 14 var channel = new MessageChannel(); | |
| 15 channel.port1.onmessage = (e => resolve(e.data)); | |
| 16 worker.postMessage({port: channel.port2}, [channel.port2]); | |
| 17 }); | |
| 18 | |
| 19 return saw_message.then(data => { | |
| 20 assert_equals(data, 'PASS', 'claim should finish'); | |
| 21 }); | |
| 22 } | |
| 23 | |
| 24 // Asks |frame| whether it has a controller. Returns a promise that resolves | |
| 25 // if controller was null. | |
| 26 function assert_no_controller(frame, description) { | |
| 27 var saw_message = new Promise(resolve => { | |
| 28 window.onmessage = (e => resolve(e.data)); | |
| 29 frame.contentWindow.postMessage('', '*'); | |
| 30 }); | |
| 31 | |
| 32 return saw_message.then(data => assert_equals(data, 'PASS', description)); | |
| 33 } | |
| 34 | |
| 35 // This test creates https iframes inside insecure http iframes. It registers a | |
| 36 // service worker that should not control the in-scope iframes. The iframes | |
| 37 // communicate whether they have a controller to the top-level frame. | |
| 38 promise_test(t => { | |
| 39 var script = 'resources/claim-worker.js'; | |
| 40 var scope = 'resources/insecure-inscope'; | |
| 41 var registration; | |
| 42 var insecure_url = get_host_info().UNAUTHENTICATED_ORIGIN + | |
| 43 '/serviceworker/resources/insecure-parent.html'; | |
| 44 var pre_registration_frame; | |
| 45 var post_registration_frame; | |
| 46 | |
| 47 return navigator.serviceWorker.getRegistration(scope) | |
| 48 // Unregister. | |
| 49 .then(reg => { | |
| 50 if (reg) | |
| 51 return reg.unregister(); | |
| 52 }) | |
| 53 | |
| 54 // Create an iframe prior to registration. | |
| 55 .then(() => with_iframe(insecure_url)) | |
| 56 | |
| 57 // Register. | |
| 58 .then(frame => { | |
| 59 pre_registration_frame = frame; | |
| 60 add_result_callback(() => pre_registration_frame.remove()); | |
| 61 return navigator.serviceWorker.register(script, {scope:scope}); | |
| 62 }) | |
| 63 .then(reg => { | |
| 64 registration = reg; | |
| 65 return wait_for_state(t, registration.installing, 'activated'); | |
| 66 }) | |
| 67 | |
| 68 // Create an iframe after registration. | |
| 69 .then(() => with_iframe(insecure_url)) | |
| 70 .then(frame => post_registration_frame = frame) | |
| 71 | |
| 72 // Check that no frame is controlled. | |
| 73 .then(() => assert_no_controller(pre_registration_frame, | |
| 74 'pre_registration_frame should not be controlled')) | |
| 75 .then(() => assert_no_controller(post_registration_frame, | |
| 76 'post_registration_frame should not be controlled')) | |
| 77 | |
| 78 // Attempt to claim. The iframes should still have no controllers. | |
| 79 .then(() => wait_for_claim(registration.active)) | |
| 80 .then(() => assert_no_controller(pre_registration_frame, | |
| 81 'pre_registration_frame should not be claimed')) | |
| 82 .then(() => assert_no_controller(post_registration_frame, | |
| 83 'post_registration_frame should not be claimed')); | |
| 84 }, 'Service worker does not control a subframe of an insecure frame'); | |
| 85 </script> | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2869093002:
Upstream Service Worker window test to WPT
