AudioSourceProviderAVFObjC uses atomic variables but also locks with mutex
[WebKit-https.git] / LayoutTests / imported / w3c / web-platform-tests / html / browsers / origin / relaxing-the-same-origin-restriction / document_domain_setter.html
1 <!doctype html>
2 <html>
3   <head>
4     <title>document.domain's setter</title>
5     <script src="/resources/testharness.js"></script>
6     <script src="/resources/testharnessreport.js"></script>
7     <script src="/common/get-host-info.sub.js"></script>
8   </head>
9   <body>
10     <iframe id="iframe"></iframe>
11     <script>
12       var host_info = get_host_info();
13       var HTTP_PORT = host_info.HTTP_PORT;
14       var ORIGINAL_HOST = host_info.ORIGINAL_HOST;
15       var SUFFIX_HOST = ORIGINAL_HOST.substring(ORIGINAL_HOST.lastIndexOf('.') + 1); // e.g. "test"
16       var REMOTE_HOST = host_info.REMOTE_HOST;
17       var iframe = document.getElementById("iframe");
18       var iframe_url = new URL("support/document_domain_setter_iframe.html", document.location);
19       iframe_url.hostname = REMOTE_HOST;
20       iframe.src = iframe_url;
21
22       test(function() {
23         assert_throws_dom("SecurityError", function() { document.domain = SUFFIX_HOST; });
24         assert_throws_dom("SecurityError", function() { document.domain = "." + SUFFIX_HOST; });
25         assert_throws_dom("SecurityError", function() { document.domain = REMOTE_HOST; });
26         assert_throws_dom("SecurityError", function() { document.domain = "example.com"; });
27       }, "failed setting of document.domain");
28
29       async_test(function(t) {
30         iframe.addEventListener("load", t.step_func_done(function() {
31           // Before setting document.domain, the iframe is not
32           // same-origin-domain, so security checks fail.
33           assert_equals(iframe.contentDocument, null);
34           assert_throws_dom("SecurityError", () => iframe.contentWindow.frameElement);
35           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.origin; });
36           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.href; });
37           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.protocol; });
38           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.host; });
39           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.port; });
40           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.hostname; });
41           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.pathname; });
42           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.hash; });
43           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.search; });
44           assert_throws_dom("SecurityError", function() { iframe.contentWindow.location.toString(); });
45           // Set document.domain
46           document.domain = ORIGINAL_HOST;
47           // After setting document.domain, the iframe is
48           // same-origin-domain, so security checks pass.
49           assert_equals(iframe.contentDocument.domain, document.domain);
50           assert_equals(iframe.contentWindow.frameElement, iframe);
51           assert_equals(iframe.contentWindow.origin, iframe_url.origin);
52           assert_equals(iframe.contentWindow.location.href, iframe_url.href);
53           assert_equals(iframe.contentWindow.location.protocol, iframe_url.protocol);
54           assert_equals(iframe.contentWindow.location.host, iframe_url.host);
55           assert_equals(iframe.contentWindow.location.port, iframe_url.port);
56           assert_equals(iframe.contentWindow.location.hostname, iframe_url.hostname);
57           assert_equals(iframe.contentWindow.location.pathname, iframe_url.pathname);
58           assert_equals(iframe.contentWindow.location.hash, iframe_url.hash);
59           assert_equals(iframe.contentWindow.location.search, iframe_url.search);
60           assert_equals(iframe.contentWindow.location.search, iframe_url.search);
61           assert_equals(iframe.contentWindow.location.toString(), iframe_url.toString());
62           // document.open checks for same-origin, not same-origin-domain,
63           // https://github.com/whatwg/html/issues/2282
64           assert_throws_dom("SecurityError", iframe.contentWindow.DOMException,
65                             function() { iframe.contentDocument.open(); });
66         }));
67       }, "same-origin-domain iframe");
68
69       test(() => {
70         assert_throws_dom("SecurityError", () => { (new Document).domain = document.domain });
71         assert_throws_dom("SecurityError", () => { document.implementation.createHTMLDocument().domain = document.domain });
72         assert_throws_dom("SecurityError", () => { document.implementation.createDocument(null, "").domain = document.domain });
73       }, "failed setting of document.domain for documents without browsing context");
74     </script>
75   </body>
76 </html>