<!DOCTYPE html>
<title>Test sharedStorage.get() with nested fenced frames & network revocation.</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="resources/utils.js"></script>
<body>
<script>
promise_setup(async () => {
// Set sharedStorage value for HTTPS_ORIGIN
await sharedStorage.set('test', 'apple');
// Set sharedStorage value for HTTPS_REMOTE_ORIGIN.
let init_iframe = await attachIFrameContext(
{origin: get_host_info().HTTPS_REMOTE_ORIGIN});
await init_iframe.execute(async () => {
await sharedStorage.set('test', 'banana');
});
});
promise_test(async (t) => {
const fencedframe = await attachFencedFrameContext(
{origin: get_host_info().HTTPS_ORIGIN});
let get_result = await fencedframe.execute(async () => {
const nested_frame = await attachFencedFrameContext(
{origin: get_host_info().HTTPS_ORIGIN});
// Note that the parent fenced frame has not disabled network at this point.
return nested_frame.execute(async () => {
await window.fence.disableUntrustedNetwork();
return sharedStorage.get('test');
});
});
assert_equals(get_result, 'apple');
}, 'Test that sharedStorage.get() succeeds in a nested fenced frame with ' +
'network disabled, even if the parent fenced frame has not disabled ' +
'network yet.');
promise_test(async (t) => {
const fencedframe = await attachFencedFrameContext(
{origin: get_host_info().HTTPS_ORIGIN});
await fencedframe.execute(async () => {
let actual_cutoff_time;
const nested_frame = await attachFencedFrameContext(
{origin: get_host_info().HTTPS_ORIGIN})
// Note that we do *not* await, because we need to operate in the top frame
// while the nested frame still hasn't disabled network access.
let disable_network_promise =
window.fence.disableUntrustedNetwork().then(() => {
actual_cutoff_time = Date.now();
});
try {
await sharedStorage.get('test');
assert_unreached('sharedStorage.get() is not allowed in a fenced frame ' +
'until network access for it and all descendent frames has been ' +
'revoked with window.fence.disableUntrustedNetwork()');
} catch (e) {
assert_equals(e.name, 'OperationError');
assert_equals(e.message, 'sharedStorage.get() is not allowed in a ' +
'fenced frame until network access for it and all descendent frames ' +
'has been revoked with window.fence.disableUntrustedNetwork()');
}
const expected_cutoff_time = await nested_frame.execute(async () => {
await window.fence.disableUntrustedNetwork();
return Date.now();
});
// Check that disableUntrustedNetwork() has resolved after the nested
// fenced frame had its network cut off.
await disable_network_promise;
assert_greater_than_equal(
actual_cutoff_time, expected_cutoff_time,
"The promise should only resolve once the subframe's network has " +
"been revoked.");
const test_result = await sharedStorage.get('test');
assert_equals(test_result, "apple");
});
}, 'sharedStorage.get() only works in a top-level fenced frame with network ' +
'disabled after all nested fenced frames disable network.');
promise_test(async(t) => {
const fencedframe = await attachFencedFrameContext();
await fencedframe.execute(async () => {
const subframe = await attachIFrameContext({
origin: get_host_info().HTTPS_REMOTE_ORIGIN});
await window.fence.disableUntrustedNetwork();
// Check that sharedStorage.get() can be called without error.
await sharedStorage.get('test');
});
}, 'A cross-origin child iframe does not affect when ' +
'a fenced frame gets access to sharedStorage.get().');
promise_test(async (t) => {
const fencedframe = await attachFencedFrameContext();
await fencedframe.execute(async () => {
const subframe = await attachIFrameContext(
{origin: get_host_info().HTTPS_REMOTE_ORIGIN});
await subframe.execute(async () => {
const deep_subframe = await attachFencedFrameContext();
deep_subframe.execute(() => {
window.fence.disableUntrustedNetwork();
});
});
await window.fence.disableUntrustedNetwork();
const test_result = await sharedStorage.get('test');
assert_equals(test_result, "apple");
});
}, 'sharedStorage.get() only works in a top-level fenced frame with network ' +
'disabled after all deeply nested fenced frames disable network.');
</script>
</body>
Codebase Browser
chromium