5 <title>Test SharedWorkerGlobalScope.isSecureContext for HTTP creator
</title>
6 <meta name=
"help" href=
"https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-global-object">
7 <script src=/resources/testharness.js
></script>
8 <script src=/resources/testharnessreport.js
></script>
9 <script src=
"server-locations.sub.js"></script>
14 * The goal of this test is to check that we do the right thing if the
15 * same SharedWorker is used first from an insecure context and then from
18 * To do this, we first open an insecure (http) popup, which loads a
19 * subframe that is same-origin with us but not a secure context, since
20 * its parent is http, not https. Then this subframe loads a SharedWorker
21 * and communicates back to us whether that worker and a child dedicated
22 * worker it spawns think they are secure contexts. Async tests t3 and t4
23 * track these two workers.
25 * After we have heard from both workers in the popup, we directly load
26 * the same exact subframe ourselves and see what the workers in it
27 * report. Async tests t1 and t2 track these two workers.
29 var t1
= async_test("Shared worker in subframe");
30 var t2
= async_test("Nested worker in shared worker in subframe");
31 var t3
= async_test("Shared worker in popup");
32 var t4
= async_test("Nested worker from shared worker in popup");
36 onmessage = function(e
) {
38 // Make sure to not close the popup until we've run the iframe part of
39 // the test! We need to keep those shared workers alive.
40 if (messageCount
== 4 && popup
) {
44 if (data
.type
== "shared") {
45 // This is a message from our shared worker; check whether it's the
46 // one in the popup or in our subframe.
49 assert_false(data
.exception
, "SharedWorker should not throw an exception.");
50 assert_false(data
.error
, "SharedWorker connection should not generate an error.");
51 assert_false(data
.isSecureContext
, "SharedWorker is not a secure context");
56 assert_false(data
.exception
, "SharedWorker should not throw an exception.");
57 assert_true(data
.error
, "SharedWorker connection should generate an error.");
61 } else if (data
.type
== "nested") {
62 // This is a message from our shared worker's nested dedicated worker;
63 // check whether it's the one in the popup or in our subframe.
66 assert_false(data
.exception
, "SharedWorker should not throw an exception.");
67 assert_false(data
.error
, "SharedWorker connection should not generate an error.");
68 assert_false(data
.isSecureContext
);
73 assert_false(data
.exception
, "SharedWorker should not throw an exception.");
74 assert_true(data
.error
, "SharedWorker connection should generate an error.");
83 assert_unreached("Unknown message");
87 assert_unreached("Unknown message");
91 assert_unreached("Unknown message");
95 assert_unreached("Unknown message");
100 if (messageCount
== 2) {
101 // Got both messages from our popup; time to create our child.
102 var ifr
= document
.createElement("iframe");
103 ifr
.src
= https_dir5
+ "support/https-subframe-shared.html";
104 document
.body
.appendChild(ifr
);
108 popup
= window
.open(http_dir
+ "support/shared-worker-insecure-popup.html?https_dir5");