We should use "error" redirect mode for fetching service worker scripts
[WebKit-https.git] / LayoutTests / imported / w3c / web-platform-tests / service-workers / service-worker / resources / registration-tests-security-error.js
1 // Registration tests that mostly exercise SecurityError cases.
2 function registration_tests_security_error(register_method, check_error_types) {
3   promise_test(function(t) {
4       var script = 'resources/registration-worker.js';
5       var scope = 'resources';
6       return promise_rejects(t,
7           check_error_types ? 'SecurityError' : null,
8           register_method(script, {scope: scope}),
9           'Registering same scope as the script directory without the last ' +
10               'slash should fail with SecurityError.');
11     }, 'Registering same scope as the script directory without the last slash');
12
13   promise_test(function(t) {
14       var script = 'resources/registration-worker.js';
15       var scope = 'different-directory/';
16       return promise_rejects(t,
17           check_error_types ? 'SecurityError' : null,
18           register_method(script, {scope: scope}),
19           'Registration scope outside the script directory should fail ' +
20               'with SecurityError.');
21     }, 'Registration scope outside the script directory');
22
23   promise_test(function(t) {
24       var script = 'resources/registration-worker.js';
25       var scope = 'http://example.com/';
26       return promise_rejects(t,
27           check_error_types ? 'SecurityError' : null,
28           register_method(script, {scope: scope}),
29           'Registration scope outside domain should fail with SecurityError.');
30     }, 'Registering scope outside domain');
31
32   promise_test(function(t) {
33       var script = 'http://example.com/worker.js';
34       var scope = 'http://example.com/scope/';
35       return promise_rejects(t,
36           check_error_types ? 'SecurityError' : null,
37           register_method(script, {scope: scope}),
38           'Registration script outside domain should fail with SecurityError.');
39     }, 'Registering script outside domain');
40
41   promise_test(function(t) {
42       var script = 'resources/redirect.py?Redirect=' +
43                     encodeURIComponent('/service-workers/service-worker/resources/registration-worker.js');
44       var scope = 'resources/scope/redirect/';
45       return promise_rejects(t,
46           check_error_types ? 'SecurityError' : null,
47           register_method(script, {scope: scope}),
48           'Registration of redirected script should fail.');
49     }, 'Registering redirected script');
50
51   promise_test(function(t) {
52       var script = 'resources/empty-worker.js';
53       var scope = 'resources/../scope/parent-reference-in-scope';
54       return promise_rejects(t,
55           check_error_types ? 'SecurityError' : null,
56           register_method(script, {scope: scope}),
57           'Scope not under the script directory should be rejected.');
58     }, 'Scope including parent-reference and not under the script directory');
59
60   promise_test(function(t) {
61       var script = 'resources////empty-worker.js';
62       var scope = 'resources/scope/consecutive-slashes-in-script-url';
63       return promise_rejects(t,
64           check_error_types ? 'SecurityError' : null,
65           register_method(script, {scope: scope}),
66           'Consecutive slashes in the script url should not be unified.');
67     }, 'Script URL including consecutive slashes');
68
69   promise_test(function(t) {
70       var script = 'filesystem:' + normalizeURL('resources/empty-worker.js');
71       var scope = 'resources/scope/filesystem-script-url';
72       return promise_rejects(t,
73           check_error_types ? 'SecurityError' : null,
74           register_method(script, {scope: scope}),
75           'Registering a script which has same-origin filesystem: URL should ' +
76               'fail with SecurityError.');
77     }, 'Script URL is same-origin filesystem: URL');
78 }