blob: 2ee5ade8c08ad68b68ba68ce2c3a18dbe89469a1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
<!DOCTYPE html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta name="referrer" content="no-referrer" id="referrermeta">
</head>
<body>
<script>
async function fetchAndGetReferrer() {
let response = await fetch('/common/security-features/subresource/xhr.py');
let data = await response.json();
return data.headers.referer;
}
promise_test(async t => {
assert_equals(await fetchAndGetReferrer(), undefined,
'referrer should not be set');
// Add second meta _before_ first meta.
const first_meta = document.getElementById('referrermeta');
const second_meta = document.createElement('meta');
second_meta.name = 'referrer';
second_meta.content = 'strict-origin';
document.head.appendChild(second_meta);
assert_equals(await fetchAndGetReferrer(), window.location.origin + '/',
'referrer should be origin only');
// Update content attribute of first meta.
first_meta.content = 'unsafe-url';
assert_equals(await fetchAndGetReferrer(), window.location.href,
'referrer should be full url');
}, 'document referrer policy is the value of the most recently modified <meta name="referrer"');
</script>
</body>
|
