diff options
Diffstat (limited to 'dom/u2f/tests/frame_appid_facet.html')
-rw-r--r-- | dom/u2f/tests/frame_appid_facet.html | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/dom/u2f/tests/frame_appid_facet.html b/dom/u2f/tests/frame_appid_facet.html new file mode 100644 index 000000000..2a5f5c220 --- /dev/null +++ b/dom/u2f/tests/frame_appid_facet.html @@ -0,0 +1,63 @@ +<!DOCTYPE html> +<meta charset=utf-8> +<head> + <script src="u2futil.js"></script> +</head> +<body> +<p>Test for AppID / FacetID behavior for FIDO Universal Second Factor</p> +<script class="testbody" type="text/javascript"> +"use strict"; + +local_is(window.location.origin, "https://example.com", "Is loaded correctly"); + +var version = "U2F_V2"; +var challenge = new Uint8Array(16); + +local_expectThisManyTests(5); + +u2f.register(null, [{ + version: version, + challenge: bytesToBase64UrlSafe(challenge), +}], [], function(res){ + local_is(res.errorCode, 0, "Null AppID should work."); + local_completeTest(); +}); + +u2f.register("", [{ + version: version, + challenge: bytesToBase64UrlSafe(challenge), +}], [], function(res){ + local_is(res.errorCode, 0, "Empty AppID should work."); + local_completeTest(); +}); + +// Test: Correct TLD, but incorrect scheme +u2f.register("http://example.com/appId", [{ + version: version, + challenge: bytesToBase64UrlSafe(challenge), +}], [], function(res){ + local_isnot(res.errorCode, 0, "HTTP scheme is disallowed"); + local_completeTest(); +}); + +// Test: Correct TLD, and also HTTPS +u2f.register("https://example.com/appId", [{ + version: version, + challenge: bytesToBase64UrlSafe(challenge), +}], [], function(res){ + local_is(res.errorCode, 0, "HTTPS origin for example.com should work"); + local_completeTest(); +}); + +// Test: Dynamic origin +u2f.register(window.location.origin + "/otherAppId", [{ + version: version, + challenge: bytesToBase64UrlSafe(challenge), +}], [], function(res){ + local_is(res.errorCode, 0, "Direct window origin should work"); + local_completeTest(); +}); + +</script> +</body> +</html> |