<!doctype html> <html> <head> <meta charset=utf-8> <title>Test SharedWorkerGlobalScope.isSecureContext for HTTP creator</title> <meta name="help" href="https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-global-object"> <script src=/resources/testharness.js></script> <script src=/resources/testharnessreport.js></script> <script src="server-locations.sub.js"></script> </head> <body> <script> /* * The goal of this test is to check that we do the right thing if the * same SharedWorker is used first from an insecure context and then from * a secure context. * * To do this, we first open an insecure (http) popup, which loads a * subframe that is same-origin with us but not a secure context, since * its parent is http, not https. Then this subframe loads a SharedWorker * and communicates back to us whether that worker and a child dedicated * worker it spawns think they are secure contexts. Async tests t3 and t4 * track these two workers. * * After we have heard from both workers in the popup, we directly load * the same exact subframe ourselves and see what the workers in it * report. Async tests t1 and t2 track these two workers. */ var t1 = async_test("Shared worker in subframe"); var t2 = async_test("Nested worker in shared worker in subframe"); var t3 = async_test("Shared worker in popup"); var t4 = async_test("Nested worker from shared worker in popup"); var messageCount = 0; var popup = null; onmessage = function(e) { ++messageCount; // Make sure to not close the popup until we've run the iframe part of // the test! We need to keep those shared workers alive. if (messageCount == 4 && popup) { popup.close(); } var data = e.data; if (data.type == "shared") { // This is a message from our shared worker; check whether it's the // one in the popup or in our subframe. if (data.fromPopup) { t3.step(function() { assert_false(data.exception); assert_false(data.error); assert_false(data.isSecureContext); }); t3.done(); } else { t1.step(function() { assert_false(data.exception); assert_true(data.error); }); t1.done(); } } else if (data.type == "nested") { // This is a message from our shared worker's nested dedicated worker; // check whether it's the one in the popup or in our subframe. if (data.fromPopup) { t4.step(function() { assert_false(data.exception); assert_false(data.error); assert_false(data.isSecureContext); }); t4.done(); } else { t2.step(function() { assert_false(data.exception); assert_true(data.error); }); t2.done(); } } else { if (popup) { popup.close(); } t1.step(function() { assert_unreached("Unknown message"); }); t1.done(); t2.step(function() { assert_unreached("Unknown message"); }); t2.done(); t3.step(function() { assert_unreached("Unknown message"); }); t3.done(); t4.step(function() { assert_unreached("Unknown message"); }); t4.done(); } if (messageCount == 2) { // Got both messages from our popup; time to create our child. var ifr = document.createElement("iframe"); ifr.src = https_dir5 + "support/https-subframe-shared.html"; document.body.appendChild(ifr); } } popup = window.open(http_dir + "support/shared-worker-insecure-popup.html?https_dir5"); </script> </body> </html>