Adds unload to Permissions-Policy.

This policy controls whether unload handlers can be set. See w3c/webappsec-permissions-policy#444 Bug: 1324111 Change-Id: Ia7c418e7ca3131f5102fde407011e00048a94182
web-platform-tests · Jul 27, 2022 · 2b0acc2 · 2b0acc2
1 parent b10070d
commit 2b0acc2
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 0 deletions.
diff --git a/permissions-policy/experimental-features/resources/unload-helper.js b/permissions-policy/experimental-features/resources/unload-helper.js
@@ -0,0 +1,37 @@
+// Code used by controlling frame of the unload policy tests.
+
+const MAIN_FRAME = 'main';
+const SUBFRAME = 'sub';
+
+async function isUnloadAllowed(remoteContextWrapper) {
+  return remoteContextWrapper.executeScript(() => {
+ return document.featurePolicy.allowsFeature('unload');
+});
+}
+
+// Checks whether a frame runs unload handlers.
+// This checks the policy directly and also installs an unload handler and navigates the frame
+// checking that the handler ran.
+async function assertWindowRunsUnload(remoteContextWrapper, name, { shouldRunUnload }) {
+  const maybeNot = shouldRunUnload ? '' : 'not ';
+  assert_equals(await isUnloadAllowed(remoteContextWrapper), shouldRunUnload,
+    `${name}: unload in ${name} should ${maybeNot}be allowed`);
+
+  // Set up recording of whether unload handler ran.
+  await remoteContextWrapper.executeScript((name) => {
+    localStorage.setItem(name, 'did not run');
+    addEventListener('unload', () => localStorage.setItem(name, 'did run'));
+  }, [name]);
+
+  // Navigate away and then back.
+  const second = await remoteContextWrapper.navigateToNew();
+  // Navigating back ensures that the unload has completed.
+  // Also if the navigation if cross-site then we have to return
+  // to the original origin in order to read the recorded unload.
+  await historyBack(second);
+
+  // Check that unload handlers ran as expected.
+  const recordedUnload = await remoteContextWrapper.executeScript(
+    (name) => localStorage.getItem(name), [name]);
+  assert_equals(recordedUnload, `did ${maybeNot}run`, `${name}: unload should ${maybeNot}have run`);
+}
diff --git a/permissions-policy/experimental-features/unload-allowed-by-default.tentative.window.js b/permissions-policy/experimental-features/unload-allowed-by-default.tentative.window.js
@@ -0,0 +1,17 @@
+// META: title='unload' Policy : allowed by default
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/utils.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/unload-helper.js
+
+// Check that unload is allowed by policy in main frame and subframe by default.
+promise_test(async t => {
+  const rcHelper = new RemoteContextHelper({ remoteContextConfig: { scripts: ['./resources/unload-helper.js'] } });
+  // In the same browsing context group to ensure BFCache is not used.
+  const main = await rcHelper.addWindow();
+  const subframe = await main.addIframe();
+  await assertWindowRunsUnload(subframe, 'subframe', { shouldRunUnload: true });
+  await assertWindowRunsUnload(main, 'main', { shouldRunUnload: true });
+}, '\'unload\' Policy : allowed by default');
diff --git a/permissions-policy/experimental-features/unload-disallowed-subframe.tentative.window.js b/permissions-policy/experimental-features/unload-disallowed-subframe.tentative.window.js
@@ -0,0 +1,17 @@
+// META: title='unload' Policy : allowed in main frame but disallowed in subframe
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/utils.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/unload-helper.js
+
+// Check that unload is allowed by policy in main but can be disabled in the subframe.
+promise_test(async t => {
+  const rcHelper = new RemoteContextHelper({ remoteContextConfig: { scripts: ['./resources/unload-helper.js'] } });
+  // In the same browsing context group to ensure BFCache is not used.
+  const main = await rcHelper.addWindow();
+  const subframe = await main.addIframe({ extraRemoteContextConfig: { headers: [['Permissions-Policy', 'unload=()']] } });
+  await assertWindowRunsUnload(subframe, 'subframe', { shouldRunUnload: false });
+  await assertWindowRunsUnload(main, 'main', { shouldRunUnload: true });
+});
diff --git a/permissions-policy/experimental-features/unload-disallowed.tentative.window.js b/permissions-policy/experimental-features/unload-disallowed.tentative.window.js
@@ -0,0 +1,17 @@
+// META: title='unload' Policy : disallowed when header is ()
+// META: script=/common/dispatcher/dispatcher.js
+// META: script=/common/utils.js
+// META: script=/resources/testharness.js
+// META: script=/resources/testharnessreport.js
+// META: script=/html/browsers/browsing-the-web/remote-context-helper/resources/remote-context-helper.js
+// META: script=./resources/unload-helper.js
+
+// Check that unload can be disabled by policy in main frame and subframe.
+promise_test(async t => {
+  const rcHelper = new RemoteContextHelper({ remoteContextConfig: { scripts: ['./resources/unload-helper.js'] } });
+  // In the same browsing context group to ensure BFCache is not used.
+  const main = await rcHelper.addWindow({ extraRemoteContextConfig: { headers: [['Permissions-Policy', 'unload=()']] } });
+  const subframe = await main.addIframe();
+  await assertWindowRunsUnload(subframe, 'subframe', { shouldRunUnload: false });
+  await assertWindowRunsUnload(main, 'main', { shouldRunUnload: false });
+});