<!DOCTYPE html>
<body>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/permissions-policy/resources/permissions-policy.js"></script>
<script>
"use strict";
const same_origin_src =
"/permissions-policy/resources/permissions-policy-payment.html";
const cross_origin_src =
"https://{{hosts[alt][]}}:{{ports[https][0]}}" + same_origin_src;
const header = 'permissions policy header "payment=*"';
test(() => {
const supportedMethods = [
{
supportedMethods: "https://{{domains[nonexistent]}}/payment-request",
},
];
const details = {
total: {
label: "Test",
amount: { currency: "USD", value: "5.00" },
},
};
try {
new PaymentRequest(supportedMethods, details);
} catch (e) {
assert_unreached();
}
}, `${header} allows Payment Request API the top-level document.`);
promise_test((test) => {
return test_feature_availability({
feature_description: "PaymentRequest()",
test,
src: same_origin_src,
expect_feature_available: expect_feature_available_default,
is_promise_test: true,
});
}, `${header} allows Payment Request API same-origin iframes.`);
promise_test(async (test) => {
return test_feature_availability({
feature_description: "PaymentRequest()",
test,
src: cross_origin_src,
expect_feature_available: expect_feature_unavailable_default,
is_promise_test: true,
});
}, `Payment Request API is disabled in cross-origin iframe if allow="payment" is not set and ${header}.`);
promise_test(async (test) => {
return test_feature_availability({
feature_description: "PaymentRequest()",
test,
src: cross_origin_src,
expect_feature_available: expect_feature_available_default,
feature_name: "payment",
is_promise_test: true,
});
}, `${header} allow="payment" allows Payment Request in cross-origin iframes.`);
</script>
</body>
Codebase Browser
chromium