Bug 1509279 [wpt PR 14180] - Reland "Add referrer-policy module worker tests", a=testonly

Automatic update from web-platform-testsReland "Add referrer-policy module worker tests"

This reverts commit 02c7f5d5693c6bb20ca28ab443c3eb7d5577ca18.

Reason for revert: I expect crbug/906964 is fixed by reverting
another CL, so relanding this.

Original change's description:
> Revert "Add referrer-policy module worker tests"
>
> This reverts commit ec589a5ce0cd6d297605922119065cc2805d8db9.
>
> Reason for revert: crbug.com/906964
>
> Original change's description:
> > Add referrer-policy module worker tests
> >
> > This CL adds WPT tests for referrer policy applied to
> > module worker top-level script fetch.
> >
> > The only manual changes are
> > - referrer-policy/generic/common.js
> > - referrer-policy/generic/referrer-policy-test-case.js
> > - referrer-policy/spec.src.json
> > and all other modifications are made by
> > referrer-policy/generic/tools/generate.py.
> >
> > Bug: 880027
> > Change-Id: Ib1f9136161e8efacf317fb9b7e9ba0651a103c41
> > Reviewed-on: https://chromium-review.googlesource.com/c/1330906
> > Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
> > Reviewed-by: Jochen Eisinger <jochen@chromium.org>
> > Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#609589}
>
> TBR=hiroshige@chromium.org,nhiroki@chromium.org,jochen@chromium.org
>
> Change-Id: I0931159c0494b981a1d6b07232af55b20f68f559
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: 880027, 906964
> Reviewed-on: https://chromium-review.googlesource.com/c/1344213
> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
> Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#609731}

TBR=hiroshige@chromium.org,nhiroki@chromium.org,jochen@chromium.org

Change-Id: I48d40a578e06526558fc7a4733395e1e505b9694
Bug: 880027, 906964
Reviewed-on: https://chromium-review.googlesource.com/c/1344267
Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org>
Cr-Commit-Position: refs/heads/master@{#610256}

--

wpt-commits: fe0e2ce1f30ee67ed4c3be7ae420d49b48bc5749
wpt-pr: 14180

testing/web-platform/tests/referrer-policy/generic/common.js

@@ -179,6 +179,14 @@ function queryWorker(url, callback) {
   };
 }
 
+function queryModuleWorkerTopLevel(url, callback) {
+  var worker = new Worker(url, {type: "module"});
+  worker.onmessage = function(event) {
+    var server_data = event.data;
+    callback(wrapResult(url, server_data), url);
+  };
+}
+
 function queryFetch(url, callback) {
   fetch(url).then(function(response) {
       response.json().then(function(server_data) {

testing/web-platform/tests/referrer-policy/generic/referrer-policy-test-case.js

@@ -21,6 +21,7 @@ function ReferrerPolicyTestCase(scenario, testDescription, sanityChecker) {
     "img-tag":  queryImage,
     "script-tag": queryScript,
     "worker-request": queryWorker,
+    "module-worker": queryModuleWorkerTopLevel,
     "xhr-request": queryXhr
   };
 

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer-when-downgrade
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/http-rp/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/http-rp/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer-when-downgrade
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="no-referrer-when-downgrade">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer-when-downgrade/meta-referrer/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="no-referrer-when-downgrade">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/no-referrer/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/no-referrer/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <meta name="referrer" content="no-referrer">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/no-referrer/meta-referrer/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <meta name="referrer" content="no-referrer">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin-when-cross-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: origin-when-cross-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin-when-cross-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: origin-when-cross-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="origin-when-cross-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin-when-cross-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin-when-cross-origin/meta-referrer/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="origin-when-cross-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin-when-cross-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
+    <meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/origin/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
+    <meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/origin/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
+    <meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
+    <meta name="referrer" content="origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/origin/meta-referrer/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
+    <meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
+    <meta name="referrer" content="origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/same-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/same-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: same-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/same-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/same-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: same-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/module-worker/no-redirect/same-origin-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/spec.src.json

@@ -455,7 +455,10 @@
       "redirection": "*",
       "delivery_method": "*",
       "origin": "cross-origin",
-      "subresource": "worker-request",
+      "subresource": [
+        "worker-request",
+        "module-worker"
+      ],
       "referrer_url": "*"
     },
     {
@@ -466,7 +469,10 @@
       "delivery_method": "*",
       "redirection": "*",
       "origin": "*",
-      "subresource": "worker-request",
+      "subresource": [
+        "worker-request",
+        "module-worker"
+      ],
       "referrer_url": "*"
     },
     {
@@ -491,6 +497,7 @@
       "subresource": [
         "xhr-request",
         "worker-request",
+        "module-worker",
         "fetch-request"
       ],
       "referrer_url": "*"
@@ -509,6 +516,7 @@
         "script-tag",
         "xhr-request",
         "worker-request",
+        "module-worker",
         "fetch-request",
         "area-tag"
       ],
@@ -533,7 +541,10 @@
       "delivery_method": "*",
       "redirection": "swap-origin-redirect",
       "origin": "*",
-      "subresource": ["worker-request"],
+      "subresource": [
+        "worker-request",
+        "module-worker"
+      ],
       "referrer_url": "*"
     },
     {
@@ -614,6 +625,7 @@
       "area-tag",
       "xhr-request",
       "worker-request",
+      "module-worker",
       "fetch-request"
     ],
 
@@ -632,6 +644,7 @@
     "img-tag": "/referrer-policy/generic/subresource/image.py",
     "script-tag": "/referrer-policy/generic/subresource/script.py",
     "worker-request": "/referrer-policy/generic/subresource/worker.py",
+    "module-worker": "/referrer-policy/generic/subresource/worker.py",
     "xhr-request": "/referrer-policy/generic/subresource/xhr.py"
   }
 }

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
+    <meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin-when-cross-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/same-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin-when-cross-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
+    <meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin-when-cross-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/http-rp/same-origin/http-http/module-worker/no-redirect/same-insecure.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin-when-cross-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/same-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
+    <meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="strict-origin-when-cross-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin-when-cross-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin-when-cross-origin/meta-referrer/same-origin/http-http/module-worker/no-redirect/same-insecure.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
+    <meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="strict-origin-when-cross-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin-when-cross-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unsafe-url/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
+    <meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "unsafe-url",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unsafe-url/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: unsafe-url
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/unsafe-url/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
+    <meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "unsafe-url",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unsafe-url/http-rp/same-origin/http-http/module-worker/no-redirect/generic.http.html.headers

@@ -0,0 +1,2 @@
+Referrer-Policy: unsafe-url
+Access-Control-Allow-Origin: *

testing/web-platform/tests/referrer-policy/unsafe-url/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
+    <meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
+    <meta name="referrer" content="unsafe-url">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "unsafe-url",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unsafe-url/meta-referrer/same-origin/http-http/module-worker/no-redirect/generic.http.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
+    <meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
+    <meta name="referrer" content="unsafe-url">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "unsafe-url",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unset-referrer-policy/http-rp/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
+    <meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": null,
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unset-referrer-policy/http-rp/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
+    <meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": null,
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unset-referrer-policy/meta-referrer/same-origin/http-http/module-worker/keep-origin-redirect/insecure-protocol.http.html

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
+    <meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": null,
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>

testing/web-platform/tests/referrer-policy/unset-referrer-policy/meta-referrer/same-origin/http-http/module-worker/no-redirect/insecure-protocol.http.html

@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
+    <meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via module-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": null,
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "module-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>