Google Git
Sign in
nest-open-source / manifest_repos / chromium_src / 1389d67935ffbffe8a70c1fa06867f6cf7ecf464 / . / chromium / src / third_party / blink / web_tests / http / tests / loading / trust-tokens / has-trust-token.tentative.https.html
blob: 5bfd57ca6a2965b684b96076252d73313573a700 [file] [log] [blame]
<!DOCTYPE html>
<meta charset="utf-8">
<title>Tests the Trust Token API's hasTrustToken function (tentative: the API is a prototype).</title>
<link rel="help" href="https://github.com/WICG/trust-token-api#trust-token-redemption" />
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
'use strict';
promise_test((t) => {
return promise_rejects_js(t, TypeError, document.hasTrustToken(
"http://not-a-secure-url.example"));
},
'hasTrustToken requires a secure URL as its issuer argument.');
promise_test((t) => {
return promise_rejects_js(t, TypeError, document.hasTrustToken(
"file:///"));
},
'hasTrustToken requires a HTTP(S) URL as its issuer argument.');
// These hasTrustToken calls all affect global state: each call in the form
// of hasTrustToken(issuer) will result in |issuer| becoming associated in
// persistent storage with the calling top frame's origin.
//
// TODO(davidvc, crbug.com/1063140): Once it's possible to write WPTs that
// result in a trust token being deposited in storage, this should be
// expanded to cover the case where the user _does_ have a token.
promise_test(async (t) => {
t.add_cleanup(async () => {
if (window.testRunner)
await new Promise(res => window.testRunner.clearTrustTokenState(res));
});
let result = await document.hasTrustToken("https://issuer.example/");
assert_false(result, "The client should not possess any trust tokens for " +
"https://issuer.example since it has not executed an issuance operation" +
" against that issuer.");
result = await document.hasTrustToken("https://issuer2.example/");
assert_false(result, "The client should not possess any trust tokens for" +
" https://issuer2.example since it has not executed an issuance " +
"operation against that issuer.");
await promise_rejects_dom(t, "OperationError", document.hasTrustToken(
"https://issuer3.example/"),
"The first two hasTrustToken operations associated this top-level" +
" origin with the maximum number of issuers (2), so an attempt to " +
" execute hasTrustToken against another issuer should fail.");
result = await document.hasTrustToken("https://issuer2.example/");
assert_false(result, "Since this top-level origin is already associated " +
"with https://issuer2.example, subsequent hasTrustToken operations should " +
"not error out even though the top-level origin is at its " +
"number-of-issuers limit.");
if (window.testRunner) {
await new Promise(res =>
window.testRunner.clearTrustTokenState(res)
);
result = await document.hasTrustToken("https://issuer3.example/");
assert_false(result, "Since state was cleared, it should be possible to" +
"run hasTrustToken against more issuers.");
}
}, "When given a valid, secure origin, hasTrustToken should succeed " +
"unless associating that origin with the top-level domain would exceed " +
"the top-level origin's number-of-associated-issuers limit.");
</script>