Update WPT tests for embedded content
[WebKit-https.git] / LayoutTests / imported / w3c / web-platform-tests / html / semantics / embedded-content / the-iframe-element / iframe-allow.html
1 <!doctype html>
2 <meta charset=utf-8>
3 <title>Check processing of allow attribute in nested browsing context</title>
4 <link rel="author" title="Google" href="https://www.google.com">
5 <link rel="help" href="https://html.spec.whatwg.org/multipage/iframe-embed-object.html#attr-iframe-allow">
6 <link rel="help" href="https://html.spec.whatwg.org/multipage/browsing-the-web.html#initialise-the-document-object">
7 <link rel="help" href="https://fullscreen.spec.whatwg.org/#fullscreen-enabled-flag">
8 <script src="/resources/testharness.js"></script>
9 <script src="/resources/testharnessreport.js"></script>
10
11 <div id="log"></div>
12 <script>
13   // This returns a data URL (cross-origin with the containing document) which
14   // advances a counter, and reports the counter value together with the
15   // document's fullscreenEnabled state, every time it receives a postMessage.
16   // Fullscreen itself is not important for this test, but the flag is a useful
17   // indicator of whether a policy-controlled-feature is allowed or denied.
18   function getSourceForCrossOriginPage(initial_count) {
19     var page_contents = "<html><body><script>var count="+initial_count+";window.addEventListener('message',function(){parent.postMessage({'count':count++,'fullscreenEnabled':document.fullscreenEnabled},'*');});</scr"+"ipt></body></html>";
20     return "data:text/html;base64,"+btoa(page_contents);
21   }
22
23   async_test(function(t) {
24     var iframe = document.createElement("iframe");
25     iframe.src = getSourceForCrossOriginPage(0);
26
27     iframe.addEventListener('load', function() {
28       // Request the fullscreenEnabled state whenever the frame loads
29       iframe.contentWindow.postMessage(true,"*");
30     });
31
32     window.addEventListener('message', this.step_func(function(msg) {
33       if (msg.data.count == 0) {
34         assert_false(msg.data.fullscreenEnabled, "Document inside cross-origin iframe without allow attribute should not have feature enabled");
35         iframe.setAttribute("allow", "fullscreen");
36         iframe.contentWindow.postMessage(true,"*"); // Request state again
37       } else if (msg.data.count == 1) {
38         assert_false(msg.data.fullscreenEnabled, "Feature should be denied when correct allow attribute is added, before reload");
39         iframe.src = getSourceForCrossOriginPage(2); // Reload the frame
40       } else if (msg.data.count == 2) {
41         assert_true(msg.data.fullscreenEnabled, "Feature should be allowed when correct allow attribute is added, after reload");
42         iframe.removeAttribute("allow");
43         iframe.contentWindow.postMessage(true,"*"); // Request state again
44       } else if (msg.data.count == 3) {
45         assert_true(msg.data.fullscreenEnabled, "Feature should be allowed when allow attribute is removed, before reload");
46         iframe.src = getSourceForCrossOriginPage(4); // Reload the frame
47       } else if (msg.data.count == 4) {
48         assert_false(msg.data.fullscreenEnabled, "Feature should be denied when allow attribute is removed, after reload");
49         iframe.setAttribute("allow", "payment");  // Set allow to an unrelated feature
50         iframe.src = getSourceForCrossOriginPage(5); // Reload the frame
51       } else if (msg.data.count == 5) {
52         assert_false(msg.data.fullscreenEnabled, "Feature should be denied with incorrect allow attribute");
53         iframe.setAttribute("allow", "payment;fullscreen");  // Include fullscreen again
54         iframe.src = getSourceForCrossOriginPage(6); // Reload the frame
55       } else if (msg.data.count == 6) {
56         assert_true(msg.data.fullscreenEnabled, "Feature should be allowed with complex allow attribute");
57         t.done();
58       } else {
59         assert_unreached();
60       }
61     }));
62
63     document.body.appendChild(iframe);
64   }, "iframe-cross-origin-allow");
65
66 </script>