Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / third_party / WebKit / LayoutTests / http / tests / serviceworker / resources / fetch-canvas-tainting-iframe.html
blobc0c8810f7ecb04443aaf6ea0a6bac2c8914833e1
1 <script src="../../resources/get-host-info.js"></script>
2 <script src="test-helpers.js?pipe=sub"></script>
3 <script>
4 var image_path = base_path() + 'fetch-access-control.php?PNGIMAGE';
5 var host_info = get_host_info();
7 var NOT_TAINTED = 'NOT_TAINTED';
8 var TAINTED = 'TAINTED';
9 var LOAD_ERROR = 'LOAD_ERROR';
11 function create_test_case_promise(url, cross_origin) {
12 return new Promise(function(resolve) {
13 var img = new Image();
14 if (cross_origin != '') {
15 img.crossOrigin = cross_origin;
17 img.onload = function() {
18 try {
19 var canvas = document.createElement('canvas');
20 canvas.width = 100;
21 canvas.height = 100;
22 var context = canvas.getContext('2d');
23 context.drawImage(img, 0, 0);
24 context.getImageData(0, 0, 100, 100);
25 resolve(NOT_TAINTED);
26 } catch (e) {
27 resolve(TAINTED);
30 img.onerror = function() {
31 resolve(LOAD_ERROR);
33 img.src = url;
34 });
37 function create_test_promise(url, cross_origin, expected_result) {
38 return new Promise(function(resolve, reject) {
39 create_test_case_promise(url, cross_origin)
40 .then(function(result) {
41 if (result == expected_result) {
42 resolve();
43 } else {
44 reject('Result of url:' + url + ' ' +
45 ' cross_origin: ' + cross_origin + ' must be ' +
46 expected_result + ' but ' + result);
49 });
52 window.addEventListener('message', function(evt) {
53 var port = evt.ports[0];
54 var image_url = host_info['HTTP_ORIGIN'] + image_path;
55 var remote_image_url = host_info['HTTP_REMOTE_ORIGIN'] + image_path;
56 Promise.all([
57 // Reject tests
58 create_test_promise(image_url + '&reject', '', LOAD_ERROR),
59 create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR),
60 create_test_promise(
61 image_url + '&reject', 'use-credentials', LOAD_ERROR),
62 // Fallback tests
63 create_test_promise(
64 image_url + '&ignore',
65 '',
66 NOT_TAINTED),
67 create_test_promise(
68 remote_image_url + '&ignore',
69 '',
70 TAINTED),
71 create_test_promise(
72 remote_image_url + '&ignore',
73 'anonymous',
74 LOAD_ERROR),
75 create_test_promise(
76 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
77 '&ignore',
78 'anonymous',
79 NOT_TAINTED),
80 create_test_promise(
81 remote_image_url + '&ignore',
82 'use-credentials',
83 LOAD_ERROR),
84 create_test_promise(
85 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
86 '&ignore',
87 'use-credentials',
88 LOAD_ERROR),
89 create_test_promise(
90 remote_image_url + '&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
91 '&ACACredentials=true&ignore',
92 'use-credentials',
93 NOT_TAINTED),
95 // Credential test (fallback)
96 create_test_promise(
97 image_url + '&Auth&ignore',
98 '',
99 NOT_TAINTED),
100 create_test_promise(
101 remote_image_url + '&Auth&ignore',
103 TAINTED),
104 create_test_promise(
105 remote_image_url + '&Auth&ignore',
106 'anonymous',
107 LOAD_ERROR),
108 create_test_promise(
109 remote_image_url + '&Auth&ignore',
110 'use-credentials',
111 LOAD_ERROR),
112 create_test_promise(
113 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
114 '&ignore',
115 'use-credentials',
116 LOAD_ERROR),
117 create_test_promise(
118 remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTP_ORIGIN'] +
119 '&ACACredentials=true&ignore',
120 'use-credentials',
121 NOT_TAINTED),
123 // Basic response
124 create_test_promise(
125 image_url +
126 '&mode=same-origin&url=' + encodeURIComponent(image_url),
128 NOT_TAINTED),
129 create_test_promise(
130 image_url +
131 '&mode=same-origin&url=' + encodeURIComponent(image_url),
132 'anonymous',
133 NOT_TAINTED),
134 create_test_promise(
135 image_url +
136 '&mode=same-origin&url=' + encodeURIComponent(image_url),
137 'use-credentials',
138 NOT_TAINTED),
139 create_test_promise(
140 remote_image_url +
141 '&mode=same-origin&url=' + encodeURIComponent(image_url),
143 NOT_TAINTED),
144 create_test_promise(
145 remote_image_url +
146 '&mode=same-origin&url=' + encodeURIComponent(image_url),
147 'anonymous',
148 NOT_TAINTED),
149 create_test_promise(
150 remote_image_url +
151 '&mode=same-origin&url=' + encodeURIComponent(image_url),
152 'use-credentials',
153 NOT_TAINTED),
155 // Opaque response
156 create_test_promise(
157 image_url +
158 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
160 TAINTED),
161 create_test_promise(
162 image_url +
163 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
164 'anonymous',
165 LOAD_ERROR),
166 create_test_promise(
167 image_url +
168 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
169 'use-credentials',
170 LOAD_ERROR),
171 create_test_promise(
172 remote_image_url +
173 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
175 TAINTED),
176 create_test_promise(
177 remote_image_url +
178 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
179 'anonymous',
180 LOAD_ERROR),
181 create_test_promise(
182 remote_image_url +
183 '&mode=no-cors&url=' + encodeURIComponent(remote_image_url),
184 'use-credentials',
185 LOAD_ERROR),
187 // CORS response
188 create_test_promise(
189 image_url +
190 '&mode=cors&url=' +
191 encodeURIComponent(remote_image_url +
192 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
194 NOT_TAINTED),
195 create_test_promise(
196 image_url +
197 '&mode=cors&url=' +
198 encodeURIComponent(remote_image_url +
199 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
200 'anonymous',
201 NOT_TAINTED),
202 create_test_promise(
203 image_url +
204 '&mode=cors&url=' +
205 encodeURIComponent(remote_image_url +
206 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
207 'use-credentials',
208 NOT_TAINTED),
209 create_test_promise(
210 image_url +
211 '&mode=cors&url=' +
212 encodeURIComponent(
213 remote_image_url +
214 '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
215 'use-credentials',
216 NOT_TAINTED),
217 create_test_promise(
218 remote_image_url +
219 '&mode=cors&url=' +
220 encodeURIComponent(remote_image_url +
221 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
223 NOT_TAINTED),
224 create_test_promise(
225 remote_image_url +
226 '&mode=cors&url=' +
227 encodeURIComponent(remote_image_url +
228 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
229 'anonymous',
230 NOT_TAINTED),
231 create_test_promise(
232 remote_image_url +
233 '&mode=cors&url=' +
234 encodeURIComponent(remote_image_url +
235 '&ACAOrigin=' + host_info['HTTP_ORIGIN']),
236 'use-credentials',
237 NOT_TAINTED),
238 create_test_promise(
239 remote_image_url +
240 '&mode=cors&url=' +
241 encodeURIComponent(
242 remote_image_url +
243 '&ACACredentials=true&ACAOrigin=' + host_info['HTTP_ORIGIN']),
244 'use-credentials',
245 NOT_TAINTED)
247 .then(function() {
248 port.postMessage({results: 'finish'});
250 .catch(function(e) {
251 port.postMessage({results: 'failure:' + e});
253 }, false);
254 </script>