mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 16:25:38 +00:00
Bug 1509279
[wpt PR 14180] - Reland "Add referrer-policy module worker tests", a=testonly
Automatic update from web-platform-testsReland "Add referrer-policy module worker tests" This reverts commit 02c7f5d5693c6bb20ca28ab443c3eb7d5577ca18. Reason for revert: I expect crbug/906964 is fixed by reverting another CL, so relanding this. Original change's description: > Revert "Add referrer-policy module worker tests" > > This reverts commit ec589a5ce0cd6d297605922119065cc2805d8db9. > > Reason for revert: crbug.com/906964 > > Original change's description: > > Add referrer-policy module worker tests > > > > This CL adds WPT tests for referrer policy applied to > > module worker top-level script fetch. > > > > The only manual changes are > > - referrer-policy/generic/common.js > > - referrer-policy/generic/referrer-policy-test-case.js > > - referrer-policy/spec.src.json > > and all other modifications are made by > > referrer-policy/generic/tools/generate.py. > > > > Bug: 880027 > > Change-Id: Ib1f9136161e8efacf317fb9b7e9ba0651a103c41 > > Reviewed-on: https://chromium-review.googlesource.com/c/1330906 > > Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org> > > Reviewed-by: Jochen Eisinger <jochen@chromium.org> > > Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#609589} > > TBR=hiroshige@chromium.org,nhiroki@chromium.org,jochen@chromium.org > > Change-Id: I0931159c0494b981a1d6b07232af55b20f68f559 > No-Presubmit: true > No-Tree-Checks: true > No-Try: true > Bug: 880027, 906964 > Reviewed-on: https://chromium-review.googlesource.com/c/1344213 > Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> > Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> > Cr-Commit-Position: refs/heads/master@{#609731} TBR=hiroshige@chromium.org,nhiroki@chromium.org,jochen@chromium.org Change-Id: I48d40a578e06526558fc7a4733395e1e505b9694 Bug: 880027, 906964 Reviewed-on: https://chromium-review.googlesource.com/c/1344267 Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> Cr-Commit-Position: refs/heads/master@{#610256} -- wpt-commits: fe0e2ce1f30ee67ed4c3be7ae420d49b48bc5749 wpt-pr: 14180
This commit is contained in:
parent
3a8cc36f1b
commit
f4bf52e7ab
@ -179,6 +179,14 @@ function queryWorker(url, callback) {
|
||||
};
|
||||
}
|
||||
|
||||
function queryModuleWorkerTopLevel(url, callback) {
|
||||
var worker = new Worker(url, {type: "module"});
|
||||
worker.onmessage = function(event) {
|
||||
var server_data = event.data;
|
||||
callback(wrapResult(url, server_data), url);
|
||||
};
|
||||
}
|
||||
|
||||
function queryFetch(url, callback) {
|
||||
fetch(url).then(function(response) {
|
||||
response.json().then(function(server_data) {
|
||||
|
@ -21,6 +21,7 @@ function ReferrerPolicyTestCase(scenario, testDescription, sanityChecker) {
|
||||
"img-tag": queryImage,
|
||||
"script-tag": queryScript,
|
||||
"worker-request": queryWorker,
|
||||
"module-worker": queryModuleWorkerTopLevel,
|
||||
"xhr-request": queryXhr
|
||||
};
|
||||
|
||||
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer-when-downgrade",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: no-referrer-when-downgrade
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer-when-downgrade",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: no-referrer-when-downgrade
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<meta name="referrer" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer-when-downgrade",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<meta name="referrer" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer-when-downgrade",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
|
||||
<meta name="description" content="Check that sub-resource never gets the referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
|
||||
<meta name="assert" content="The referrer URL is omitted when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "omitted"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: no-referrer
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
|
||||
<meta name="description" content="Check that sub-resource never gets the referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
|
||||
<meta name="assert" content="The referrer URL is omitted when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "omitted"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: no-referrer
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
|
||||
<meta name="description" content="Check that sub-resource never gets the referrer URL.">
|
||||
<meta name="referrer" content="no-referrer">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
|
||||
<meta name="assert" content="The referrer URL is omitted when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "omitted"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
|
||||
<meta name="description" content="Check that sub-resource never gets the referrer URL.">
|
||||
<meta name="referrer" content="no-referrer">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
|
||||
<meta name="assert" content="The referrer URL is omitted when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "no-referrer",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "omitted"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin-when-cross-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: origin-when-cross-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin-when-cross-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: origin-when-cross-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="origin-when-cross-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin-when-cross-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="origin-when-cross-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin-when-cross-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
|
||||
<meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
|
||||
<meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
|
||||
<meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
|
||||
<meta name="referrer" content="origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'origin'</title>
|
||||
<meta name="description" content="Check that all subresources in all casses get only the origin portion of the referrer URL.">
|
||||
<meta name="referrer" content="origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "same-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: same-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "same-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: same-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="same-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "same-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
|
||||
<meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="same-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "same-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -455,7 +455,10 @@
|
||||
"redirection": "*",
|
||||
"delivery_method": "*",
|
||||
"origin": "cross-origin",
|
||||
"subresource": "worker-request",
|
||||
"subresource": [
|
||||
"worker-request",
|
||||
"module-worker"
|
||||
],
|
||||
"referrer_url": "*"
|
||||
},
|
||||
{
|
||||
@ -466,7 +469,10 @@
|
||||
"delivery_method": "*",
|
||||
"redirection": "*",
|
||||
"origin": "*",
|
||||
"subresource": "worker-request",
|
||||
"subresource": [
|
||||
"worker-request",
|
||||
"module-worker"
|
||||
],
|
||||
"referrer_url": "*"
|
||||
},
|
||||
{
|
||||
@ -491,6 +497,7 @@
|
||||
"subresource": [
|
||||
"xhr-request",
|
||||
"worker-request",
|
||||
"module-worker",
|
||||
"fetch-request"
|
||||
],
|
||||
"referrer_url": "*"
|
||||
@ -509,6 +516,7 @@
|
||||
"script-tag",
|
||||
"xhr-request",
|
||||
"worker-request",
|
||||
"module-worker",
|
||||
"fetch-request",
|
||||
"area-tag"
|
||||
],
|
||||
@ -533,7 +541,10 @@
|
||||
"delivery_method": "*",
|
||||
"redirection": "swap-origin-redirect",
|
||||
"origin": "*",
|
||||
"subresource": ["worker-request"],
|
||||
"subresource": [
|
||||
"worker-request",
|
||||
"module-worker"
|
||||
],
|
||||
"referrer_url": "*"
|
||||
},
|
||||
{
|
||||
@ -614,6 +625,7 @@
|
||||
"area-tag",
|
||||
"xhr-request",
|
||||
"worker-request",
|
||||
"module-worker",
|
||||
"fetch-request"
|
||||
],
|
||||
|
||||
@ -632,6 +644,7 @@
|
||||
"img-tag": "/referrer-policy/generic/subresource/image.py",
|
||||
"script-tag": "/referrer-policy/generic/subresource/script.py",
|
||||
"worker-request": "/referrer-policy/generic/subresource/worker.py",
|
||||
"module-worker": "/referrer-policy/generic/subresource/worker.py",
|
||||
"xhr-request": "/referrer-policy/generic/subresource/xhr.py"
|
||||
}
|
||||
}
|
||||
|
File diff suppressed because one or more lines are too long
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin-when-cross-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: strict-origin-when-cross-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin-when-cross-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: strict-origin-when-cross-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="strict-origin-when-cross-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin-when-cross-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
|
||||
<meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
|
||||
<meta name="referrer" content="strict-origin-when-cross-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin-when-cross-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: strict-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: strict-origin
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<meta name="referrer" content="strict-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<meta name="referrer" content="strict-origin">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
|
||||
<meta name="assert" content="The referrer URL is origin when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "strict-origin",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "origin"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
|
||||
<meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "unsafe-url",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: unsafe-url
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
|
||||
<meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "unsafe-url",
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,2 @@
|
||||
Referrer-Policy: unsafe-url
|
||||
Access-Control-Allow-Origin: *
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
|
||||
<meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
|
||||
<meta name="referrer" content="unsafe-url">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "unsafe-url",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,41 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'unsafe-url'</title>
|
||||
<meta name="description" content="Check that all sub-resources get the stripped referrer URL.">
|
||||
<meta name="referrer" content="unsafe-url">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-unsafe-url">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": "unsafe-url",
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,40 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
|
||||
<meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": null,
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,40 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
|
||||
<meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the http-rp
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": null,
|
||||
"delivery_method": "http-rp",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,40 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
|
||||
<meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with keep-origin-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": null,
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "keep-origin-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,40 @@
|
||||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
|
||||
<html>
|
||||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is not explicitly defined</title>
|
||||
<meta name="description" content="Check that referrer URL follows no-referrer-when-downgrade policy when no explicit Referrer Policy is set.">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policies">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
document served over http requires an http
|
||||
sub-resource via module-worker using the meta-referrer
|
||||
delivery method with no-redirect and when
|
||||
the target request is same-origin.">
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<!-- TODO(kristijanburnik): Minify and merge both: -->
|
||||
<script src="/referrer-policy/generic/common.js"></script>
|
||||
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
ReferrerPolicyTestCase(
|
||||
{
|
||||
"referrer_policy": null,
|
||||
"delivery_method": "meta-referrer",
|
||||
"redirection": "no-redirect",
|
||||
"origin": "same-origin",
|
||||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "module-worker",
|
||||
"subresource_path": "/referrer-policy/generic/subresource/worker.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
new SanityChecker()
|
||||
).start();
|
||||
</script>
|
||||
<div id="log"></div>
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in New Issue
Block a user