third_party/WebKit/LayoutTests/http/tests/serviceworker/service-worker-allowed.html

<!DOCTYPE html>
<!-- This test should be upstreamed to WPT if an existing test
     isn't there yet.
-->
<title>Service Worker: Service-Worker-Allowed header</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/get-host-info.js"></script>
<script src="resources/test-helpers.js"></script>
<script>

var host_info = get_host_info();

promise_test(function(t) {
    var script = 'resources/service-worker-allowed-worker.php' +
      '?ServiceWorkerAllowed=/allowed-path';
    var scope = '/allowed-path';
    return navigator.serviceWorker.register(script, {scope: scope})
      .then(function(registration) {
          assert_true(
            registration instanceof ServiceWorkerRegistration,
            'Successfully registered.');
          assert_equals(
            registration.scope,
            normalizeURL(scope),
            'Registering within Service-Worker-Allowed path should pass');
          service_worker_unregister_and_done(t, scope);
        })
  }, 'Registering within Service-Worker-Allowed path');

promise_test(function(t) {
    var script = 'resources/service-worker-allowed-worker.php' +
      '?ServiceWorkerAllowed=../allowed-path-with-parent';
    var scope = 'allowed-path-with-parent';
    return navigator.serviceWorker.register(script, {scope: scope})
      .then(function(registration) {
          assert_true(
            registration instanceof ServiceWorkerRegistration,
            'Successfully registered.');
          assert_equals(
            registration.scope,
            normalizeURL(scope),
            'Registering within Service-Worker-Allowed path with parent ' +
            'reference should pass');
          service_worker_unregister_and_done(t, scope);
        })
  }, 'Registering within Service-Worker-Allowed path with parent reference');

promise_test(function(t) {
    var script = 'resources/service-worker-allowed-worker.php' +
      '?ServiceWorkerAllowed=/allowed-path';
    var scope = '/disallowed-path';
    return promise_rejects(t,
        'SecurityError',
        navigator.serviceWorker.register(script, {scope: scope}),
        'Registering outside Service-Worker-Allowed path should fail');
  }, 'Registering outside Service-Worker-Allowed path');

promise_test(function(t) {
    var script = 'resources/service-worker-allowed-worker.php' +
      '?ServiceWorkerAllowed=../allowed-path-with-parent';
    var scope = '/allowed-path-with-parent';
    return promise_rejects(t,
        'SecurityError',
        navigator.serviceWorker.register(script, {scope: scope}),
        'Registering outside Service-Worker-Allowed path with parent ' +
          'reference should fail');
  }, 'Registering outside Service-Worker-Allowed path with parent reference');

promise_test(function(t) {
    var script = host_info.HTTPS_REMOTE_ORIGIN +
      '/serviceworker/resources/' +
      'service-worker-allowed-worker.php' +
      '?ServiceWorkerAllowed=' +
      host_info.HTTP_REMOTE_ORIGIN + '/cross-origin/';
    var scope = '/cross-origin/';
    return promise_rejects(t,
        'SecurityError',
        navigator.serviceWorker.register(script, {scope: scope}),
        'Registering cross-origin Service-Worker-Allowed should fail');
  }, 'Registering cross-origin Service-Worker-Allowed');

</script>