<!DOCTYPE html>
<meta charset=utf-8>
<title>IDBFactory.databases() and opaque origins</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
function load_iframe(src, sandbox) {
return new Promise(resolve => {
const iframe = document.createElement('iframe');
iframe.onload = () => { resolve(iframe); };
if (sandbox)
iframe.sandbox = sandbox;
iframe.srcdoc = src;
iframe.style.display = 'none';
document.documentElement.appendChild(iframe);
});
}
function wait_for_message(recipient, source) {
return new Promise(resolve => {
recipient.onmessage = function listener(e) {
if (e.source === source) {
resolve(e.data);
recipient.removeEventListener('message', listener);
}
};
})
}
const test_code =
' const handler = (reply) => {' +
' try { ' +
' if (!indexedDB || !indexedDB.databases) {' +
' reply({result: "indexedDB.databases undefined"});' +
' }' +
' indexedDB.databases().then(' +
' () => reply({result: "no exception"}),' +
' ex => reply({result: ex.name}));' +
' } catch(e) { ' +
' reply({result: e.name + " thrown, not rejected"});' +
' }' +
' };';
const iframe_script =
'<script>' +
test_code +
' window.onmessage = () => {' +
' handler(msg => window.parent.postMessage(msg, "*"));' +
' };' +
'<\/script>';
promise_test(async t => {
const iframe = await load_iframe(iframe_script);
iframe.contentWindow.postMessage({}, '*');
const message = await wait_for_message(self, iframe.contentWindow);
assert_equals(message.result, 'no exception',
'IDBFactory.databases() should not reject');
}, 'IDBFactory.databases() in non-sandboxed iframe should not reject');
promise_test(async t => {
const iframe = await load_iframe(iframe_script, 'allow-scripts');
iframe.contentWindow.postMessage({}, '*');
const message = await wait_for_message(self, iframe.contentWindow);
assert_equals(message.result, 'SecurityError',
'Promise should be rejected with SecurityError');
}, 'IDBFactory.databases() in sandboxed iframe should reject');
const worker_script = `
${test_code}
// For dedicated workers:
self.addEventListener("message", () => handler(self.postMessage));
// For shared workers:
self.addEventListener("connect", (e) => {
var port = e.ports[0];
handler(msg => port.postMessage(msg));
});
`;
const worker_data_url = "data:,".concat(encodeURIComponent(worker_script));
promise_test(async t => {
let worker = new Worker(worker_data_url);
t.add_cleanup(() => worker.terminate());
worker.postMessage({});
const message = await wait_for_message(worker, null);
assert_equals(message.result, 'SecurityError',
'Promise should be rejected with SecurityError');
}, 'IDBFactory.databases() in data URL dedicated worker should throw SecurityError');
promise_test(async t => {
let worker = new SharedWorker(worker_data_url, 'idb_databases_opaque');
worker.port.postMessage({});
const message = await wait_for_message(worker.port, null);
assert_equals(message.result, 'SecurityError',
'Promise should be rejected with SecurityError');
}, 'IDBFactory.databases() in data URL shared worker should throw SecurityError');
</script>