| <!DOCTYPE html> |
| <meta charset="utf-8"> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/common/get-host-info.sub.js"></script> |
| |
| <script type="text/javascript"> |
| host_info = get_host_info(); |
| |
| document.cookie = 'same=1'; |
| |
| const setCookiePromise = fetch( |
| 'http://{{domains[www2]}}:{{ports[http][0]}}/cookies/resources/set-cookie.py?name=cross&path=/html/semantics/scripting-1/the-script-element/module/', |
| { |
| mode: 'no-cors', |
| credentials: 'include', |
| }); |
| |
| const windowLoadPromise = new Promise(resolve => { |
| window.addEventListener('load', () => { |
| resolve(); |
| }); |
| }); |
| |
| promise_test(t => { |
| const iframe = document.createElement('iframe'); |
| |
| return Promise.all([setCookiePromise, windowLoadPromise]).then(() => { |
| const messagePromise = new Promise(resolve => { |
| window.addEventListener('message', event => { |
| resolve(); |
| }); |
| }); |
| |
| iframe.src = 'resources/credentials-iframe.sub.html'; |
| document.body.appendChild(iframe); |
| |
| return messagePromise; |
| }).then(() => { |
| const w = iframe.contentWindow; |
| |
| assert_equals(w.sameOriginNone, 'not found', |
| 'Modules should be loaded without the credentials when the crossOrigin attribute is not specified and the target is same-origin'); |
| assert_equals(w.sameOriginAnonymous, 'found', |
| 'Modules should be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is same-origin'); |
| assert_equals(w.sameOriginUseCredentials, 'found', |
| 'Modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is same-origin'); |
| assert_equals(w.crossOriginNone, 'not found', |
| 'Modules should be loaded without the credentials when the crossOrigin attribute is not specified and the target is cross-origin'); |
| assert_equals(w.crossOriginAnonymous, 'not found', |
| 'Modules should be loaded without the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is cross-origin'); |
| assert_equals(w.crossOriginUseCredentials, 'found', |
| 'Modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is cross-origin'); |
| |
| assert_equals(w.sameOriginNoneDecendent, 'not found', |
| 'Decendent modules should be loaded without the credentials when the crossOrigin attribute is not specified and the target is same-origin'); |
| assert_equals(w.sameOriginAnonymousDecendent, 'found', |
| 'Decendent modules should be loaded with the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is same-origin'); |
| assert_equals(w.sameOriginUseCredentialsDecendent, 'found', |
| 'Decendent modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is same-origin'); |
| assert_equals(w.crossOriginNoneDecendent, 'not found', |
| 'Decendent modules should be loaded without the credentials when the crossOrigin attribute is not specified and the target is cross-origin'); |
| assert_equals(w.crossOriginAnonymousDecendent, 'not found', |
| 'Decendent modules should be loaded without the credentials when the crossOrigin attribute is specified with "anonymous" as its value and the target is cross-origin'); |
| assert_equals(w.crossOriginUseCredentialsDecendent, 'found', |
| 'Decendent modules should be loaded with the credentials when the crossOrigin attribute is specified with "use-credentials" as its value and the target is cross-origin'); |
| }); |
| }, 'Modules should be loaded with or without the credentials based on the same-origin-ness and the crossOrigin attribute'); |
| </script> |
| <body> |
| </body> |