chromium/src/third_party/blink/web_tests/external/wpt/cookies/samesite/form-get-blank-reload.https.html - manifest_repos/chromium_src - Git at Google

 <!DOCTYPE html>
 <meta charset="utf-8"/>
 <meta name="variant" content="">
 <meta name="variant" content="?legacy-samesite">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/cookies/resources/cookie-helper.sub.js"></script>
 <script>
   function create_test(origin, target, expectedStatus, title) {
     promise_test(t => {
       var value = "" + Math.random();
       return resetSameSiteCookies(origin, value)
         .then(_ => {
           return new Promise((resolve, reject) => {
             var f = document.createElement('form');
             f.action = target + "/cookies/resources/postToParent.py";
             f.target = "_blank";
             f.method = "GET";

             // If |target| contains a `redir` parameter, extract it, and add it
             // to the form so it doesn't get dropped in the submission.
             var url = new URL(f.action);
             if (url.pathname = "/cookies/rfc6265/resources/redirectWithCORSHeaders.py") {
               var i = document.createElement("input");
               i.name = "location";
               i.value = url.searchParams.get("location");
               i.type = "hidden";
               f.appendChild(i);
             }
             var reloaded = false;
             var msgHandler = e => {
               try {
                 getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE);
               } catch (e) {
                 reject(e);
               }

               if (reloaded) {
                 window.removeEventListener("message", msgHandler);
                 e.source.close();
                 resolve("Popup received the cookie.");
               } else {
                 reloaded = true;
                 e.source.postMessage("reload", "*");
               }
             };
             window.addEventListener("message", msgHandler);
             document.body.appendChild(f);

             f.submit();
           });
         });
     }, title);
   }

   create_test(SECURE_ORIGIN, SECURE_ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host top-level form GETs are strictly same-site");
   create_test(SECURE_SUBDOMAIN_ORIGIN, SECURE_SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain top-level form GETs are strictly same-site");
   create_test(SECURE_CROSS_SITE_ORIGIN, SECURE_CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Reloaded cross-site top-level form GETs are laxly same-site");
 </script>
	<!DOCTYPE html>
	<meta charset="utf-8"/>
	<meta name="variant" content="">
	<meta name="variant" content="?legacy-samesite">
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/cookies/resources/cookie-helper.sub.js"></script>
	<script>
	function create_test(origin, target, expectedStatus, title) {
	promise_test(t => {
	var value = "" + Math.random();
	return resetSameSiteCookies(origin, value)
	.then(_ => {
	return new Promise((resolve, reject) => {
	var f = document.createElement('form');
	f.action = target + "/cookies/resources/postToParent.py";
	f.target = "_blank";
	f.method = "GET";

	// If \|target\| contains a `redir` parameter, extract it, and add it
	// to the form so it doesn't get dropped in the submission.
	var url = new URL(f.action);
	if (url.pathname = "/cookies/rfc6265/resources/redirectWithCORSHeaders.py") {
	var i = document.createElement("input");
	i.name = "location";
	i.value = url.searchParams.get("location");
	i.type = "hidden";
	f.appendChild(i);
	}
	var reloaded = false;
	var msgHandler = e => {
	try {
	getSameSiteVerifier()(expectedStatus, value, e.data, DomSameSiteStatus.SAME_SITE);
	} catch (e) {
	reject(e);
	}

	if (reloaded) {
	window.removeEventListener("message", msgHandler);
	e.source.close();
	resolve("Popup received the cookie.");
	} else {
	reloaded = true;
	e.source.postMessage("reload", "*");
	}
	};
	window.addEventListener("message", msgHandler);
	document.body.appendChild(f);

	f.submit();
	});
	});
	}, title);
	}

	create_test(SECURE_ORIGIN, SECURE_ORIGIN, SameSiteStatus.STRICT, "Reloaded same-host top-level form GETs are strictly same-site");
	create_test(SECURE_SUBDOMAIN_ORIGIN, SECURE_SUBDOMAIN_ORIGIN, SameSiteStatus.STRICT, "Reloaded subdomain top-level form GETs are strictly same-site");
	create_test(SECURE_CROSS_SITE_ORIGIN, SECURE_CROSS_SITE_ORIGIN, SameSiteStatus.LAX, "Reloaded cross-site top-level form GETs are laxly same-site");
	</script>