// One document embeds another in an iframe. Both are loaded from the network.
// Depending on the response headers:
// - Cross-Origin-Embedder-Policy (COEP)
// - Cross-Origin-Resource-Policy (CORP)
// The child must load or must be blocked.
//
// What to do for:
// - COEP:credentialless
// - COEP:credentialless-on-children
// is currently an active open question. This test will be updated/completed
// later.

// There are no interoperable ways to check an iframe failed to load. So a
// timeout is being used. See https://github.com/whatwg/html/issues/125
// Moreover, we want to track progress, managing timeout explicitly allows to
// get a per-test results, even in case of failure of one.
setup({ explicit_timeout: true });

const same_origin = get_host_info().HTTPS_ORIGIN;
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;

// Open a new window loaded with the given |headers|. The new document will
// execute any script sent toward the token it returns.
const newWindow = (headers) => {
  const executor_token = token();
  const url = same_origin + executor_path + headers + `&uuid=${executor_token}`;
  const w = window.open(url);
  add_completion_callback(() => w.close());
  return executor_token;
};

const EXPECT_LOAD = "load";
const EXPECT_BLOCK = "block";

// Load in iframe. Control both the parent and the child headers. Check whether
// it loads or not.
const iframeTest = function(
  description,
  parent_token,
  child_origin,
  child_headers,
  expectation
) {
  promise_test_parallel(async test => {
    const test_token = token();

    const child_token = token();
    const child_url = child_origin + executor_path + child_headers +
      `&uuid=${child_token}`;

    await send(parent_token, `
      let iframe = document.createElement("iframe");
      iframe.src = "${child_url}";
      document.body.appendChild(iframe);
    `);

    await send(child_token, `
      send("${test_token}", "load");
    `);

    // There are no interoperable ways to check an iframe failed to load. So a
    // timeout is being used.
    // See https://github.com/whatwg/html/issues/125
    // Use a shorter timeout when it is expected to be reached.
    // - The long delay reduces the false-positive rate. False-positive causes
    //   stability problems on bot, so a big delay is used to vanish them.
    //   https://crbug.com/1215956.
    // - The short delay avoids delaying too much the test(s) for nothing and
    //   timing out. False-negative are not a problem, they just need not to
    //   overwhelm the true-negative, which is trivial to get.
    step_timeout(()=>send(test_token, "block"), expectation == EXPECT_BLOCK
      ? 2000
      : 6000
    );

    assert_equals(await receive(test_token), expectation);
  }, description);
}

// A decorated version of iframeTest, adding CORP:cross-origin to the child.
const iframeTestCORP = function() {
  arguments[0] += ", CORP:cross-origin"; // description
  arguments[3] += corp_cross_origin;     // child_headers
  iframeTest(...arguments);
}