Bug 1622645 [wpt PR 22264] - [WPT/referrer-policy] Support subresource requests from data: URL workers, a=testonly

Automatic update from web-platform-tests [WPT/referrer-policy] Support subresource requests from data: URL workers This CL makes stripUrlForUseAsReferrer() more spec-conformant, in order to support `data:` URLs as the argument, which can happen in testing subresource requests from data: URL workers (no such tests so far though). Bug: 906850 Change-Id: I3ba7b1fbf27e79624d9c09fa2c65862b45d17338 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2102302 Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> Reviewed-by: Kenichi Ishibashi <bashi@chromium.org> Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> Cr-Commit-Position: refs/heads/master@{#750490} -- wpt-commits: 71baee5fc517bb9eb9ac064a387073fa5a82d061 wpt-pr: 22264
2024-10-21 01:05:45 +00:00 · 2020-03-18 11:24:15 +00:00 · 2020-03-18 11:24:15 +00:00 · 156873316f
commit 156873316f
parent 21bfe7f8f8
1 changed files with 27 additions and 9 deletions
--- a/testing/web-platform/tests/referrer-policy/generic/test-case.sub.js
+++ b/testing/web-platform/tests/referrer-policy/generic/test-case.sub.js
@ -1,10 +1,28 @@
-// NOTE: This method only strips the fragment and is not in accordance to the
-// recommended draft specification:
-// https://w3c.github.io/webappsec/specs/referrer-policy/#null
-// TODO(kristijanburnik): Implement this helper as defined by spec once added
-// scenarios for URLs containing username/password/etc.
-function stripUrlForUseAsReferrer(url) {
-  return url.replace(/#.*$/, "");
+// https://w3c.github.io/webappsec-referrer-policy/#strip-url
+function stripUrlForUseAsReferrer(url, originOnly) {
+  // Step 2. If url’s scheme is a local scheme, then return no referrer.
+  const parsedUrl = new URL(url);
+
+  if (["about:", "blob:", "data:"].includes(parsedUrl.protocol))
+    return undefined;
+
+  // Step 3. Set url’s username to the empty string.
+  parsedUrl.username = '';
+
+  // Step 4. Set url’s password to null.
+  parsedUrl.password = '';
+
+  // Step 5. Set url’s fragment to null.
+  parsedUrl.hash = '';
+
+  //  Step 6. If the origin-only flag is true, then:
+  if (originOnly) {
+    // Step 6.1. Set url’s path to null.
+    parsedUrl.pathname = '';
+    // Step 6.2. Set url’s query to null.
+    parsedUrl.search = '';
+  }
+  return parsedUrl.href;
 }

 function invokeScenario(scenario) {
@ -27,10 +45,10 @@ const referrerUrlResolver = {
    return undefined;
  },
  "origin": function(sourceUrl) {
-    return new URL(sourceUrl).origin + "/";
+    return stripUrlForUseAsReferrer(sourceUrl, true);
  },
  "stripped-referrer": function(sourceUrl) {
-    return stripUrlForUseAsReferrer(sourceUrl);
+    return stripUrlForUseAsReferrer(sourceUrl, false);
  }
 };