<!doctype html>
<body>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/permissions-policy/resources/permissions-policy.js></script>
<script src="/shared-storage/resources/util.js"></script>
<script>
'use strict';
const same_origin_src = '/shared-storage/resources/shared-storage-permissions-policy-helper.html';
const same_origin_script = '/shared-storage/resources/simple-module.js';
const cross_origin = 'https://{{domains[www]}}:{{ports[https][0]}}';
const cross_origin_src = cross_origin + same_origin_src;
const cross_origin_script = cross_origin + same_origin_script;
const header = 'permissions policy header shared-storage=()';
promise_test(async t => {
const allowed = await AreRegularSharedStorageMethodsAllowed();
assert_false(allowed);
}, header + ' disallows sharedStorage in the current page.');
promise_test(async t => {
return promise_rejects_dom(t, "InvalidAccessError",
sharedStorage.createWorklet(
same_origin_script,
{ credentials: "omit" }));
}, header + ' disallows sharedStorage.createWorklet() with same-origin script');
promise_test(async t => {
return promise_rejects_dom(t, "InvalidAccessError",
sharedStorage.createWorklet(
cross_origin_script,
{ credentials: "omit", dataOrigin: "script-origin" }));
}, header + ' disallows sharedStorage.createWorklet() with cross-origin script');
async_test(t => {
test_feature_availability('shared-storage', t, same_origin_src,
expect_feature_unavailable_default);
}, header + ' disallows sharedStorage in same-origin iframes.');
async_test(t => {
test_feature_availability('shared-storage', t, cross_origin_src,
expect_feature_unavailable_default);
}, header + ' disallows sharedStorage in cross-origin iframes.');
</script>
</body>