<!DOCTYPE html>
<title>data URL shared workers</title>
<script src="/common/get-host-info.sub.js"></script>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
function assert_worker_sends_pass(test_desc, mime_type, worker_code) {
async_test(function(t) {
var w = new SharedWorker(`data:${mime_type},onconnect = function(e) { port = e.ports[0]; ${worker_code}}`);
w.port.onmessage = t.step_func_done(function(e) {
assert_equals(e.data, 'PASS');
});
w.port.postMessage('SEND_PASS');
}, test_desc);
}
function assert_worker_throws(test_desc, worker_code) {
assert_worker_sends_pass(test_desc, '', `try { ${worker_code}; port.postMessage("FAIL"); } catch (e) { port.postMessage("PASS"); }`);
}
// Any MIME type allowed
assert_worker_sends_pass('application/javascript MIME allowed', 'application/javascript', 'port.postMessage("PASS")');
assert_worker_sends_pass('text/plain MIME allowed', 'text/plain', 'port.postMessage("PASS")');
assert_worker_sends_pass('empty MIME allowed', '', 'port.postMessage("PASS")');
// Communications goes both ways
assert_worker_sends_pass('communication goes both ways', 'application/javascript', 'port.onmessage = function(e) { port.postMessage("PASS"); }');
// test access to storage APIs
// https://w3c.github.io/IndexedDB/#dom-idbfactory-open
assert_worker_sends_pass('indexedDB is present', '', 'port.postMessage("indexedDB" in self ? "PASS" : "FAIL")');
assert_worker_throws('indexedDB is inaccessible', 'self.indexedDB.open("someDBName")');
// Other standardized storage APIs are either not exposed to workers
// (e.g. window.localStorage, window.sessionStorage), or are [SecureContext]
// (e.g. self.caches).
// 'data:' workers are cross-origin
assert_worker_sends_pass('cross-origin worker', '', 'fetch("/").then(() => port.postMessage("FAIL"), () => port.postMessage("PASS"))');
// 'data:' workers have opaque origin
assert_worker_sends_pass('worker has opaque origin', 'application/javascript', 'port.postMessage(self.location.origin == "null" ? "PASS" : "FAIL")');
function openWindow(url) {
return new Promise(resolve => {
const win = window.open(url, '_blank');
add_completion_callback(() => win.close());
window.onmessage = e => {
assert_equals(e.data, 'LOADED');
resolve(win);
};
});
}
promise_test(() => {
const kWindowURL = 'data-url-shared-window.html';
const kRemoteWindowURL = get_host_info().HTTP_REMOTE_ORIGIN +
'/workers/data-url-shared-window.html';
return openWindow(kWindowURL)
.then(win => {
const channel = new MessageChannel;
win.postMessage(channel.port1, '*', [channel.port1]);
return new Promise(resolve => channel.port2.onmessage = resolve);
})
.then(msg_event => {
assert_equals(msg_event.data, 1);
return openWindow(kRemoteWindowURL);
})
.then(win => {
const channel = new MessageChannel;
win.postMessage(channel.port1, '*', [channel.port1]);
return new Promise(resolve => channel.port2.onmessage = resolve);
})
.then(msg_event => assert_equals(msg_event.data, 1));
}, 'A data: URL shared worker should not be shared among origins.');
</script>