<!DOCTYPE html>
<head>
<meta charset="utf-8"/>
<meta name="timeout" content="long">
<title>Service Worker: Partitioned Cookies 3P Credentialless Iframe</title>
<script src="/resources/testharness.js"></script>
<script src="test-helpers.sub.js"></script>
<script src="/common/get-host-info.sub.js"></script>
</head>
<body>
<script>
// Check workers registered by a credentialless frame can access cookies set in that frame.
promise_test(async t => {
const script = './partitioned-cookies-3p-sw.js';
const scope = './partitioned-cookies-3p-';
const absolute_scope = new URL(scope, window.location).href;
// Set a Partitioned cookie.
document.cookie = '__Host-partitioned=123; Secure; Path=/; SameSite=None; Partitioned;';
assert_true(document.cookie.includes('__Host-partitioned=123'));
// Make sure DOM cannot access the unpartitioned cookie.
assert_false(document.cookie.includes('unpartitioned=456'));
const reg = await service_worker_unregister_and_register(t, script, scope);
await wait_for_state(t, reg.installing, 'activated');
let retrieved_registrations =
await navigator.serviceWorker.getRegistrations();
let filtered_registrations =
retrieved_registrations.filter(reg => reg.scope == absolute_scope);
// on_message will be reassigned below based on the expected reply from the service worker.
let on_message;
self.addEventListener('message', ev => on_message(ev));
navigator.serviceWorker.addEventListener('message', evt => {
self.postMessage(evt.data, '*');
});
// First test that the worker script started correctly and message passing is enabled.
let resolve_wait_promise;
let wait_promise = new Promise(resolve => {
resolve_wait_promise = resolve;
});
let got;
on_message = ev => {
got = ev.data;
resolve_wait_promise();
};
filtered_registrations[0].active.postMessage({type: 'test_message'});
await wait_promise;
assert_true(got.ok, 'Message passing');
// Test that the partitioned cookie is available to this worker via CookieStore API.
wait_promise = new Promise(resolve => {
resolve_wait_promise = resolve;
});
on_message = ev => {
got = ev.data;
resolve_wait_promise();
};
filtered_registrations[0].active.postMessage({type: 'echo_cookies_js'});
await wait_promise;
assert_true(got.ok, 'Get cookies');
assert_true(
got.cookies.includes('__Host-partitioned'),
'Credentialless frame worker can access partitioned cookie via JS');
assert_false(
got.cookies.includes('unpartitioned'),
'Credentialless frame worker cannot access unpartitioned cookie via JS');
// Test that the partitioned cookie is available to this worker via HTTP.
wait_promise = new Promise(resolve => {
resolve_wait_promise = resolve;
});
on_message = ev => {
got = ev.data;
resolve_wait_promise();
};
filtered_registrations[0].active.postMessage({ type: 'echo_cookies_http' });
await wait_promise;
assert_true(got.ok, 'Get cookies');
assert_true(
got.cookies.includes('__Host-partitioned'),
'Credentialless frame worker can access partitioned cookie via HTTP');
assert_false(
got.cookies.includes('unpartitioned'),
'Credentialless frame worker cannot access unpartitioned cookie via HTTP');
// Test that the partitioned cookie is not available to this worker in HTTP
// requests from importScripts.
wait_promise = new Promise(resolve => {
resolve_wait_promise = resolve;
});
on_message = ev => {
got = ev.data;
resolve_wait_promise();
};
filtered_registrations[0].active.postMessage({ type: 'echo_cookies_import' });
await wait_promise;
assert_true(got.ok, 'Get cookies');
assert_true(
got.cookies.includes('__Host-partitioned'),
'Credentialless frame worker can access partitioned cookie via importScripts');
assert_false(
got.cookies.includes('unpartitioned'),
'Credentialless frame worker cannot access unpartitioned cookie via importScripts');
});
</script>
</body>
</html>
Codebase Browser
chromium