web-platform-tests · marcoscaceres · Feb 23, 2022 · May 21, 2020 · May 22, 2020 · Feb 23, 2022
diff --git a/feature-policy/resources/feature-policy-geolocation.html b/feature-policy/resources/feature-policy-geolocation.html
@@ -0,0 +1,21 @@
+<script src="/resources/testdriver.js"></script>
+<script src="/resources/testdriver-vendor.js"></script>
+<script>
+  "use strict";
+
+  Promise.resolve().then(async () => {
+    await test_driver.set_permission(
+      { name: "geolocation" },
+      "granted",
+      false
+    );
+    try {
+      await new Promise((resolve, reject) => {
+        navigator.geolocation.getCurrentPosition(resolve, reject);
+      });
+      window.parent.postMessage({ enabled: true }, "*");
+    } catch (e) {
+      window.parent.postMessage({ enabled: false }, "*");
+    }
+  });
+</script>
diff --git a/geolocation-API/disabled-by-feature-policy.https.sub.html b/geolocation-API/disabled-by-feature-policy.https.sub.html
@@ -0,0 +1,71 @@
+<!DOCTYPE html>
+<meta charset="utf-8" />
+<body>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="/resources/testdriver.js"></script>
+  <script src="/resources/testdriver-vendor.js"></script>
+  <script src="/feature-policy/resources/featurepolicy.js"></script>
+  <script>
+    "use strict";
+
+    const same_origin_src =
+      "/feature-policy/resources/feature-policy-geolocation.html";
+    const cross_origin_src =
+      "https://{{domains[www]}}:{{ports[https][0]}}" + same_origin_src;
+
+    promise_test(async (t) => {
+      await test_driver.set_permission(
+        { name: "geolocation" },
+        "granted",
+        false
+      );
+
+      const posError = await new Promise((resolve, reject) => {
+        navigator.geolocation.getCurrentPosition(reject, resolve);
+      });
+
+      assert_true(
+        posError instanceof GeolocationPositionError,
+        "Expected instance of GeolocationPositionError"
+      );
+
+      assert_equals(
+        posError.code,
+        GeolocationPositionError.prototype.PERMISSION_DENIED,
+        "Expected PERMISSION_DENIED"
+      );
+
+      const watchError = await new Promise((resolve, reject) => {
+        navigator.geolocation.watchPosition(reject, resolve);
+      });
+      assert_true(
+        watchError instanceof GeolocationPositionError,
+        "Expected instance of GeolocationPositionError"
+      );
+      assert_equals(
+        watchError.code,
+        GeolocationPositionError.prototype.PERMISSION_DENIED,
+        "Expected PERMISSION_DENIED"
+      );
+    }, "Feature-Policy header geolocation : 'none' disallows the top-level document.");
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        same_origin_src,
+        expect_feature_unavailable_default
+      );
+    }, "Feature-Policy header geolocation : 'none' disallows same-origin iframes.");
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        cross_origin_src,
+        expect_feature_unavailable_default
+      );
+    }, "Feature-Policy header geolocation 'none' disallows cross-origin iframes.");
+  </script>
+</body>
diff --git a/geolocation-API/disabled-by-feature-policy.https.sub.html.headers b/geolocation-API/disabled-by-feature-policy.https.sub.html.headers
@@ -0,0 +1 @@
+Feature-Policy: geolocation 'none'
diff --git a/geolocation-API/enabled-by-feature-policy-attribute-redirect-on-load.https.sub.html b/geolocation-API/enabled-by-feature-policy-attribute-redirect-on-load.https.sub.html
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/feature-policy/resources/featurepolicy.js"></script>
+<script>
+  "use strict";
+
+  const relative_path = "/feature-policy/resources/feature-policy-geolocation.html";
+  const base_src = "/feature-policy/resources/redirect-on-load.html#";
+  const same_origin_src = base_src + relative_path;
+  const cross_origin_src =
+    base_src + "https://{{domains[www]}}:{{ports[https][0]}}" + relative_path;
+
+  async_test(t => {
+    test_feature_availability(
+      'geolocation',
+      t,
+      same_origin_src,
+      expect_feature_available_default,
+      "geolocation"
+    );
+  }, 'Feature-Policy allow="geolocation" allows same-origin relocation');
+
+  async_test(t => {
+    test_feature_availability(
+      'geolocation',
+      t,
+      cross_origin_src,
+      expect_feature_unavailable_default,
+      "geolocation"
+    );
+  }, 'Feature-Policy allow="geolocation" disallows cross-origin relocation');
+
+</script>
+</body>
diff --git a/geolocation-API/enabled-by-feature-policy-attribute.https.sub.html b/geolocation-API/enabled-by-feature-policy-attribute.https.sub.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/feature-policy/resources/featurepolicy.js"></script>
+<script>
+  "use strict";
+
+  const same_origin_src =
+    "/feature-policy/resources/feature-policy-geolocation.html";
+  const cross_origin_src =
+    "https://{{domains[www]}}:{{ports[https][0]}}" + same_origin_src;
+
+  async_test(t => {
+    test_feature_availability(
+      "geolocation",
+      t,
+      same_origin_src,
+      expect_feature_available_default,
+      "geolocation"
+    );
+  }, 'Feature policy "geolocation" can be enabled in same-origin iframe using allow="geolocation" attribute');
+
+  async_test(t => {
+    test_feature_availability(
+      "geolocation",
+      t,
+      cross_origin_src,
+      expect_feature_available_default,
+      "geolocation"
+    );
+  }, 'Feature policy "geolocation" can be enabled in cross-origin iframe using allow="geolocation" attribute');
+</script>
+</body>
diff --git a/geolocation-API/enabled-by-feature-policy.https.sub.html b/geolocation-API/enabled-by-feature-policy.https.sub.html
@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+<meta charset="utf-8" />
+<body>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="/resources/testdriver.js"></script>
+  <script src="/resources/testdriver-vendor.js"></script>
+  <script src="/feature-policy/resources/featurepolicy.js"></script>
+  <script>
+    const same_origin_src =
+      "/feature-policy/resources/feature-policy-geolocation.html";
+    const cross_origin_src =
+      "https://{{domains[www]}}:{{ports[https][0]}}" + same_origin_src;
+
+    promise_test(async (t) => {
+
+      await test_driver.set_permission(
+        { name: "geolocation" },
+        "granted",
+        false
+      );
+
+      const result = await new Promise((resolve, reject) => {
+        navigator.geolocation.getCurrentPosition(resolve, reject);
+      });
+
+      assert_true(
+        result instanceof GeolocationPosition,
+        "Expected a GeolocationPosition"
+      );
+    }, "Feature-Policy header geolocation: * allows the top-level document.");
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        same_origin_src,
+        expect_feature_available_default
+      );
+    }, "Feature-Policy header geolocation: * allows same-origin iframes.");
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        cross_origin_src,
+        expect_feature_available_default
+      );
+    }, "Feature-Policy header geolocation: * allows cross-origin iframes.");
+  </script>
+</body>
diff --git a/geolocation-API/enabled-by-feature-policy.https.sub.html.headers b/geolocation-API/enabled-by-feature-policy.https.sub.html.headers
@@ -0,0 +1 @@
+Feature-Policy: geolocation *
diff --git a/geolocation-API/enabled-on-self-origin-by-feature-policy.https.sub.html b/geolocation-API/enabled-on-self-origin-by-feature-policy.https.sub.html
@@ -0,0 +1,46 @@
+<!DOCTYPE html>
+<body>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="/resources/testdriver.js"></script>
+  <script src="/resources/testdriver-vendor.js"></script>
+  <script src="/feature-policy/resources/featurepolicy.js"></script>
+
+  <script>
+    "use strict";
+
+    const same_origin_src =
+      "/feature-policy/resources/feature-policy-geolocation.html";
+    const cross_origin_src =
+      "https://{{domains[www]}}:{{ports[https][0]}}" + same_origin_src;
+
+    promise_test(async (t) => {
+      await test_driver.set_permission(
+        { name: "geolocation" },
+        "granted",
+        false
+      );
+      await new Promise(resolve => {
+        navigator.geolocation.getCurrentPosition(resolve);
+      })
+    }, 'Feature-Policy header geolocation "self" allows the top-level document.');
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        same_origin_src,
+        expect_feature_available_default
+      );
+    }, 'Feature-Policy header geolocation "self" allows same-origin iframes.');
+
+    async_test((t) => {
+      test_feature_availability(
+        "geolocation",
+        t,
+        cross_origin_src,
+        expect_feature_unavailable_default
+      );
+    }, 'Feature-Policy header geolocation "self" disallows cross-origin iframes.');
+  </script>
+</body>
diff --git a/geolocation-API/enabled-on-self-origin-by-feature-policy.https.sub.html.headers b/geolocation-API/enabled-on-self-origin-by-feature-policy.https.sub.html.headers
@@ -0,0 +1 @@
+Feature-Policy: geolocation 'self'