<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/testharness-helpers.js"></script>
<script>
// This test cannot be done in basics.https.html because we disallow mixed content.
promise_test(_ => {
clearKnownCookies();
assert_equals(document.cookie, "");
document.cookie = STRICT_DOM + "=2; SameSite=Strict; path=/";
document.cookie = LAX_DOM + "=2; SameSite=Lax; path=/";
document.cookie = UNSPECIFIED_DOM + "=2; path=/";
// Not testing SameSite=None here because those cookies must be Secure.
assert_equals(document.cookie, STRICT_DOM + "=2; " + LAX_DOM + "=2; " + UNSPECIFIED_DOM + "=2");
return fetch("https://" + window.location.hostname + ":8443/cookies/resources/echo-json.php", {"credentials": "include"})
.then(r => r.json())
.then(j => {
assert_false(STRICT_DOM in j);
assert_false(LAX_DOM in j);
assert_false(UNSPECIFIED_DOM in j);
});
}, "HTTPS is not same-site with HTTP.");
</script>
Codebase Browser
chromium