Bug 1488308 [wpt PR 7944] - Add feature-policy to battery-status, a=t…

…estonly

Automatic update from web-platform-tests
Add feature-policy to battery-status (#7944)

* Add feature-policy to battery-status

 - Add feature-policy tests
 - Disallow using battery in cross-origin iframe
 - Allow using battery in same-origin iframe
 w3c/battery#13

* Replace SecurityError with NotAllowedError

and use modern ES6

--

wpt-commits: fab60f68f7227113a171fb8e17d84d2f5983109b
wpt-pr: 7944

testing/web-platform/tests/battery-status/META.yml

@@ -2,3 +2,4 @@ spec: https://w3c.github.io/battery/
 suggested_reviewers:
   - anssiko
   - zqzhang
+  - Honry

testing/web-platform/tests/battery-status/battery-allowed-by-feature-policy-attribute-redirect-on-load.https.sub.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/feature-policy/resources/featurepolicy.js></script>
+<script>
+'use strict';
+
+const relative_path = '/feature-policy/resources/feature-policy-battery.html';
+const base_src = '/feature-policy/resources/redirect-on-load.html#';
+const same_origin_src = base_src + relative_path;
+const cross_origin_src = base_src + 'https://{{domains[www]}}:{{ports[https][0]}}' +
+  relative_path;
+const header = 'Feature-Policy allow="battery"';
+
+async_test(t => {
+  test_feature_availability(
+      'navigator.getBattery()', t, same_origin_src,
+      expect_feature_available_default, 'battery');
+}, `${header} allows same-origin relocation.`);
+
+async_test(t => {
+  test_feature_availability(
+      'navigator.getBattery()', t, cross_origin_src,
+      expect_feature_unavailable_default, 'battery');
+}, `${header} disallows cross-origin relocation.`);
+</script>
+</body>

testing/web-platform/tests/battery-status/battery-allowed-by-feature-policy-attribute.https.sub.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/feature-policy/resources/featurepolicy.js></script>
+<script>
+'use strict';
+
+const same_origin_src = '/feature-policy/resources/feature-policy-battery.html';
+const cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' +
+  same_origin_src;
+const feature_name = 'Feature policy "battery"';
+const header = 'allow="battery" attribute';
+
+async_test(t => {
+  test_feature_availability(
+      'navigator.getBattery()', t, same_origin_src,
+      expect_feature_available_default, 'battery');
+}, `${feature_name} can be enabled in same-origin iframe using ${header}`);
+
+async_test(t => {
+  test_feature_availability(
+      'navigator.getBattery()', t, cross_origin_src,
+      expect_feature_available_default, 'battery');
+}, `${feature_name} can be enabled in cross-origin iframe using ${header}`);
+</script>
+</body>

testing/web-platform/tests/battery-status/battery-allowed-by-feature-policy.https.sub.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/feature-policy/resources/featurepolicy.js></script>
+<script>
+'use strict';
+
+const same_origin_src = '/feature-policy/resources/feature-policy-battery.html';
+const cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' +
+  same_origin_src;
+const header = 'Feature-Policy header {"battery" : ["*"]}';
+
+promise_test(
+    async () => await navigator.getBattery(),
+   `${header} allows the top-level document.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, same_origin_src,
+      expect_feature_available_default);
+}, `${header} allows same-origin iframes.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, cross_origin_src,
+      expect_feature_available_default);
+}, `${header} allows cross-origin iframes.`);
+</script>
+</body>

testing/web-platform/tests/battery-status/battery-allowed-by-feature-policy.https.sub.html.headers

@@ -0,0 +1 @@
+Feature-Policy: battery *

testing/web-platform/tests/battery-status/battery-iframe.https.html → testing/web-platform/tests/battery-status/battery-allowed-in-same-origin-iframe.https.html

@@ -1,6 +1,6 @@
 <!DOCTYPE html>
 <meta charset="utf-8">
-<title>Battery Test: navigator.getBattery() is not allowed in non top-level browsing context</title>
+<title>Battery Test: navigator.getBattery() is allowed in same origin iframe</title>
 <link rel="author" title="Intel" href="http://www.intel.com">
 <link rel="help" href="https://www.w3.org/TR/battery-status/">
 <script src="/resources/testharness.js"></script>
@@ -16,12 +16,11 @@
   });
 }
 
-promise_test(t => {
-  var iframe = document.getElementById('blank');
-  var src = 'support-iframe.html';
-  return load_iframe(iframe, src)
-    .then(iframe => promise_rejects(t, 'SecurityError',
-                                    iframe.contentWindow.navigator.getBattery()));
-}, "throw a 'SecurityError' when invoking navigator.getBattery() within iframe");
+promise_test(async t => {
+  let iframe = document.getElementById('blank');
+  const src = 'support-iframe.html';
+  iframe = await load_iframe(iframe, src);
+  await iframe.contentWindow.navigator.getBattery();
+}, "navigator.getBattery() is allowed in same origin iframe");
 
 </script>

testing/web-platform/tests/battery-status/battery-default-feature-policy.https.sub.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/feature-policy/resources/featurepolicy.js></script>
+<script>
+'use strict';
+
+const same_origin_src = '/feature-policy/resources/feature-policy-battery.html';
+const cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' +
+  same_origin_src;
+const header = 'Default "battery" feature policy ["self"]';
+
+promise_test(
+    async () => await navigator.getBattery(),
+    `${header} allows the top-level document.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, same_origin_src,
+      expect_feature_available_default);
+}, `${header} allows same-origin iframes.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, cross_origin_src,
+      expect_feature_unavailable_default);
+}, `${header} disallows cross-origin iframes.`);
+</script>
+</body>

testing/web-platform/tests/battery-status/battery-disabled-by-feature-policy.https.sub.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/feature-policy/resources/featurepolicy.js></script>
+<script>
+'use strict';
+
+const same_origin_src = '/feature-policy/resources/feature-policy-battery.html';
+const cross_origin_src = 'https://{{domains[www]}}:{{ports[https][0]}}' +
+  same_origin_src;
+const header = 'Feature-Policy header {"battery" : []}';
+
+promise_test(async t => {
+  await promise_rejects(t, 'NotAllowedError', navigator.getBattery());
+}, `${header} disallows the top-level document.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, same_origin_src,
+      expect_feature_unavailable_default);
+}, `${header} disallows same-origin iframes.`);
+
+async_test(t => {
+  test_feature_availability('navigator.getBattery()', t, cross_origin_src,
+      expect_feature_unavailable_default);
+}, `${header} disallows cross-origin iframes.`);
+</script>
+</body>

testing/web-platform/tests/battery-status/battery-disabled-by-feature-policy.https.sub.html.headers

@@ -0,0 +1 @@
+Feature-Policy: battery 'none'

testing/web-platform/tests/battery-status/battery-disallowed-in-cross-origin-iframe.https.sub.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Battery Test: navigator.getBattery() is not allowed in cross origin iframe</title>
+<link rel="author" title="Intel" href="http://www.intel.com">
+<link rel="help" href="https://www.w3.org/TR/battery-status/">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<div id="log"></div>
+<iframe id="blank" src="about:blank" style="display: none"></iframe>
+<script>
+
+function load_iframe(iframe, src) {
+  return new Promise((resolve, reject) => {
+    iframe.onload = () => resolve(iframe);
+    iframe.src = src;
+  });
+}
+
+promise_test(async t => {
+  let iframe = document.getElementById('blank');
+  const path = location.pathname.substring(0, location.pathname.lastIndexOf('/') + 1);
+  const src = 'https://{{domains[www1]}}:{{ports[https][0]}}' + path + 'support-iframe.html';
+  iframe = await load_iframe(iframe, src);
+  await promise_rejects(t, 'NotAllowedError', iframe.contentWindow.navigator.getBattery());
+}, "throw a 'NotAllowedError' when invoking navigator.getBattery() within cross-origin iframe");
+
+</script>

testing/web-platform/tests/feature-policy/resources/feature-policy-battery.html

@@ -0,0 +1,9 @@
+<script>
+'use strict';
+
+Promise.resolve().then(() => navigator.getBattery()).then(battery => {
+  window.parent.postMessage({ enabled: true }, '*');
+}, error => {
+  window.parent.postMessage({ enabled: false }, '*');
+});
+</script>