mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 01:05:45 +00:00
Bug 1609940 [wpt PR 21232] - Referrer Policy: inheritance with javascript: URLs and document.write(), a=testonly
Automatic update from web-platform-tests Referrer Policy: inheritance with javascript: URLs and document.write() This cleans up some existing tests and adds new tests with results I expect from reading the specification, but do not see confirmed in implementations. -- wpt-commits: da44ef2f35865d73b7e32393142754f3e0ac859a wpt-pr: 21232
This commit is contained in:
Anne van Kesteren
moz-wptsync-bot
parent
d6a67adaf9
commit
76ff0dfeca
@ -4,37 +4,21 @@
|
||||
<link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- Common global functions for referrer-policy tests. -->
|
||||
<script src="/common/security-features/resources/common.sub.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
</head>
|
||||
<body onload="runTest()">
|
||||
<h1>Referrer Policy: iframes with data url uses no referrer</h1>
|
||||
<script>
|
||||
let test = async_test("iframes with data url uses no referrer");
|
||||
window.addEventListener("message", test.step_func((msg) => {
|
||||
window.addEventListener("message", test.step_func_done(msg => {
|
||||
assert_equals(msg.data.referrer, undefined);
|
||||
test.done();
|
||||
}));
|
||||
|
||||
function runTest() {
|
||||
const BASE = location.protocol + "//www1." + location.hostname + ":" + location.port;
|
||||
const TEST_DATA =
|
||||
`data:text/html,<script src = "${BASE}/common/security-features/resources/common.sub.js"></` + `script>
|
||||
<script src = "${BASE}/referrer-policy/generic/referrer-policy-test-case.js"></` + `script>
|
||||
<script>
|
||||
var urlPath = "/common/security-features/subresource/xhr.py";
|
||||
var url = "${BASE}" + urlPath;
|
||||
requestViaXhr(url).then((msg) => {
|
||||
parent.postMessage({referrer: msg.referrer}, "*")})
|
||||
.catch((e) => {
|
||||
parent.postMessage({referrer: "FAILURE"}, "*");
|
||||
});
|
||||
</` + "script>";
|
||||
|
||||
let iframe = document.createElement("iframe");
|
||||
iframe.src = TEST_DATA;
|
||||
iframe.src = `data:text/html,${createScriptString(get_host_info().REMOTE_ORIGIN)}`;
|
||||
document.body.appendChild(iframe);
|
||||
}
|
||||
</script>
|
||||
|
||||
@ -0,0 +1,20 @@
|
||||
<!doctype html>
|
||||
<title>Referrer Policy: iframes with document.write()</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
<div id="log"></div>
|
||||
<script>
|
||||
async_test(t => {
|
||||
window.addEventListener("message", t.step_func_done(msg => {
|
||||
assert_equals(msg.data.referrer, self.origin + "/");
|
||||
}));
|
||||
|
||||
const iframe = document.createElement("iframe");
|
||||
document.body.appendChild(iframe);
|
||||
iframe.contentDocument.write(createScriptString(get_host_info().REMOTE_ORIGIN));
|
||||
iframe.contentDocument.close();
|
||||
});
|
||||
</script>
|
||||
@ -0,0 +1,70 @@
|
||||
<!doctype html>
|
||||
<title>Referrer Policy: iframes with javascript url reuse referrer policy</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
<div id="log"></div>
|
||||
<script>
|
||||
[
|
||||
{
|
||||
srcDocPolicy: ``,
|
||||
expected: self.origin + "/"
|
||||
},
|
||||
{
|
||||
srcDocPolicy: `<meta name="referrer" content="no-referrer">`,
|
||||
expected: undefined
|
||||
}
|
||||
].forEach(({ srcDocPolicy, expected }) => {
|
||||
promise_test(t => {
|
||||
return new Promise(resolve => {
|
||||
window.addEventListener("message", t.step_func(msg => {
|
||||
assert_equals(msg.data.referrer, expected);
|
||||
resolve();
|
||||
}), { once:true });
|
||||
|
||||
const iframe = document.createElement("iframe");
|
||||
t.add_cleanup(() => iframe.remove());
|
||||
iframe.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`;
|
||||
iframe.onload = t.step_func(() => {
|
||||
iframe.onload = null;
|
||||
const iframeChild = iframe.contentDocument.createElement("iframe");
|
||||
iframeChild.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`;
|
||||
iframe.contentDocument.body.appendChild(iframeChild);
|
||||
});
|
||||
document.body.appendChild(iframe);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
[
|
||||
{
|
||||
srcDocPolicy: ``,
|
||||
expected: self.origin + "/"
|
||||
},
|
||||
{
|
||||
srcDocPolicy: `<meta name="referrer" content="no-referrer">`,
|
||||
expected: undefined
|
||||
}
|
||||
].forEach(({ srcDocPolicy, expected }) => {
|
||||
promise_test(t => {
|
||||
return new Promise(resolve => {
|
||||
window.addEventListener("message", t.step_func(msg => {
|
||||
assert_equals(msg.data.referrer, expected);
|
||||
resolve();
|
||||
}), { once:true });
|
||||
|
||||
const iframe = document.createElement("iframe");
|
||||
t.add_cleanup(() => iframe.remove());
|
||||
iframe.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`;
|
||||
iframe.onload = t.step_func(() => {
|
||||
iframe.onload = null;
|
||||
iframe.contentWindow.location = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`;
|
||||
});
|
||||
document.body.appendChild(iframe);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
</script>
|
||||
@ -0,0 +1,19 @@
|
||||
<!doctype html>
|
||||
<title>Referrer Policy: iframes with javascript url reuse referrer policy</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
<div id="log"></div>
|
||||
<script>
|
||||
async_test(t => {
|
||||
window.addEventListener("message", t.step_func_done(msg => {
|
||||
assert_equals(msg.data.referrer, self.origin + "/");
|
||||
}));
|
||||
|
||||
const iframe = document.createElement("iframe");
|
||||
iframe.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`;
|
||||
document.body.appendChild(iframe);
|
||||
});
|
||||
</script>
|
||||
@ -5,43 +5,27 @@
|
||||
<link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- Common global functions for referrer-policy tests. -->
|
||||
<script src="/common/security-features/resources/common.sub.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
</head>
|
||||
<body onload="runTest()">
|
||||
<h1>Referrer Policy: iframes srcdoc child correctly inherit the ancestor's referrer policy</h1>
|
||||
<script>
|
||||
var test = async_test("iframes srcdoc child correctly inherit the ancestor's referrer policy");
|
||||
window.addEventListener("message", test.step_func((msg) => {
|
||||
assert_equals(msg.data.referrer, document.location.origin + "/");
|
||||
test.done();
|
||||
window.addEventListener("message", test.step_func_done(msg => {
|
||||
assert_equals(msg.data.referrer, self.origin + "/");
|
||||
}));
|
||||
|
||||
const BASE = location.protocol + "//www1." + location.hostname + ":" + location.port;
|
||||
|
||||
function runTest() {
|
||||
var iframe = document.createElement("iframe");
|
||||
iframe.srcdoc = `<body><h1>Outer iframe</h1></body>`;
|
||||
iframe.onload = function() {
|
||||
iframe.onload = test.step_func(() => {
|
||||
iframe.onload = null;
|
||||
var iframeChild = iframe.contentDocument.createElement("iframe");
|
||||
iframeChild.srcdoc =
|
||||
`<script src = "${BASE}/common/security-features/resources/common.sub.js"></sc` + `ript>
|
||||
<script src = "${BASE}/referrer-policy/generic/referrer-policy-test-case.js"></sc` + `ript>
|
||||
<script>
|
||||
var urlPath = "/common/security-features/subresource/xhr.py";
|
||||
var url = "${BASE}" + urlPath;
|
||||
requestViaXhr(url).then((msg) => {
|
||||
window.top.postMessage({referrer: msg.referrer}, "*")})
|
||||
.catch((e) => {
|
||||
window.top.postMessage({referrer: "FAILURE"}, "*");
|
||||
});
|
||||
</sc` + "ript>";
|
||||
iframeChild.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN);
|
||||
iframe.contentDocument.body.appendChild(iframeChild);
|
||||
};
|
||||
|
||||
});
|
||||
document.body.appendChild(iframe);
|
||||
}
|
||||
</script>
|
||||
|
||||
@ -5,33 +5,21 @@
|
||||
<link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- Common global functions for referrer-policy tests. -->
|
||||
<script src="/common/security-features/resources/common.sub.js"></script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="resources/make-html-script.js"></script>
|
||||
<meta name="referrer" content="origin">
|
||||
</head>
|
||||
<body onload="runTest()">
|
||||
<h1>Referrer Policy: iframes srcdoc correctly inherit the ancestor's referrer policy</h1>
|
||||
<script>
|
||||
var test = async_test("iframes srcdoc correctly inherit the ancestor's referrer policy");
|
||||
window.addEventListener("message", test.step_func((msg) => {
|
||||
assert_equals(msg.data.referrer, document.location.origin + "/");
|
||||
test.done();
|
||||
window.addEventListener("message", test.step_func_done(msg => {
|
||||
assert_equals(msg.data.referrer, self.origin + "/");
|
||||
}));
|
||||
|
||||
function runTest() {
|
||||
var iframe = document.createElement("iframe");
|
||||
iframe.srcdoc =
|
||||
`<script src = "/common/security-features/resources/common.sub.js"></` + `script>
|
||||
<script>
|
||||
var urlPath = "/common/security-features/subresource/xhr.py";
|
||||
var url = "${location.protocol}//www1.${location.hostname}:${location.port}" + urlPath;
|
||||
requestViaXhr(url).then((msg) => {
|
||||
parent.postMessage({referrer: msg.referrer}, "*")})
|
||||
.catch((e) => {
|
||||
parent.postMessage({referrer: "FAILURE"}, "*");
|
||||
});
|
||||
</` + "script>";
|
||||
|
||||
iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN);
|
||||
document.body.appendChild(iframe);
|
||||
}
|
||||
</script>
|
||||
|
||||
@ -0,0 +1,10 @@
|
||||
function createScriptString(origin) {
|
||||
return `<script src = "${origin}/common/security-features/resources/common.sub.js"><\/script>
|
||||
<script>
|
||||
requestViaXhr("${origin}/common/security-features/subresource/xhr.py").then(msg => {
|
||||
top.postMessage({referrer: msg.referrer}, "*")
|
||||
}).catch(e => {
|
||||
top.postMessage({referrer: "FAILURE"}, "*");
|
||||
});
|
||||
<\/script>`;
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user