| <!DOCTYPE html> |
| <title>Credential Manager: Call create() across browsing contexts.</title> |
| <script src="../resources/testharness.js"></script> |
| <script src="../resources/testharnessreport.js"></script> |
| <body> |
| <script type="module"> |
| import {ACCEPTABLE_CREDENTIAL_ID, CREATE_CREDENTIALS, encloseInScriptTag} from './resources/test-inputs.js'; |
| import {TestAuthenticatorManager} from './resources/virtual-navigator-credentials.js'; |
| |
| if (document.location.host != "subdomain.example.test:8443") { |
| document.location = "https://subdomain.example.test:8443/credentialmanager/credentialscontainer-create-from-nested-frame.html"; |
| promise_test(_ => new Promise(_ => {}), "Stall tests on the wrong host."); |
| } |
| |
| const manager = new TestAuthenticatorManager; |
| |
| promise_test(async _ => { |
| let authenticators = await manager.authenticators(); |
| assert_equals(authenticators.length, 0); |
| let testAuthenticator = await manager.createAuthenticator(); |
| assert_true(await testAuthenticator.generateAndRegisterKey(ACCEPTABLE_CREDENTIAL_ID, "subdomain.example.test")); |
| }, "Set up the testing environment."); |
| |
| promise_test(t => { |
| let PROBE_CREDENTIALS = "window.parent.postMessage(String(navigator.credentials), '*');"; |
| |
| let frame = document.createElement("iframe"); |
| frame.src = "data:text/html," + encloseInScriptTag(PROBE_CREDENTIALS); |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "undefined"); |
| }); |
| }, "navigator.credentials should be undefined in documents generated from `data:` URLs."); |
| |
| promise_test(async t => { |
| const frame = document.createElement("iframe"); |
| frame.src = "resources/nested-document.html"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| const loadWatcher = new EventWatcher(t, frame, "load"); |
| await loadWatcher.wait_for("load"); |
| frame.contentWindow.location = "javascript:" + CREATE_CREDENTIALS; |
| |
| const messageWatcher = new EventWatcher(t, window, "message"); |
| const {data} = await messageWatcher.wait_for("message"); |
| assert_equals(data, "[object PublicKeyCredential]"); |
| }, "navigator.credentials.create({publicKey}) in a javascript url should should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.srcdoc = ''; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentWindow.eval(CREATE_CREDENTIALS); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.create({publicKey}) in srcdoc should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.src = "about:blank"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentDocument.write(encloseInScriptTag(CREATE_CREDENTIALS)); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.create({publicKey}) in about:blank embedded in a secure context should succeed."); |
| |
| promise_test(t => { |
| let frame = document.createElement("iframe"); |
| frame.src = "about:blank"; |
| window.setTimeout(_ => document.body.append(frame)); |
| |
| let loadWatcher = new EventWatcher(t, frame, "load"); |
| loadWatcher.wait_for("load").then(_ => { |
| frame.contentWindow.eval(CREATE_CREDENTIALS); |
| }); |
| |
| let eventWatcher = new EventWatcher(t, window, "message"); |
| return eventWatcher.wait_for("message").then(message => { |
| assert_equals(message.data, "[object PublicKeyCredential]"); |
| }); |
| }, "navigator.credentials.create({publicKey}) in an about:blank page embedded in a secure context should pass rpID checks."); |
| |
| promise_test(t => { |
| return manager.clearAuthenticators(); |
| }, "Clean up testing environment."); |
| |
| </script> |