diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /dom/security/test/referrer-policy/test_referrer_redirect.html | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/test/referrer-policy/test_referrer_redirect.html')
-rw-r--r-- | dom/security/test/referrer-policy/test_referrer_redirect.html | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/dom/security/test/referrer-policy/test_referrer_redirect.html b/dom/security/test/referrer-policy/test_referrer_redirect.html new file mode 100644 index 0000000000..df7a75a19c --- /dev/null +++ b/dom/security/test/referrer-policy/test_referrer_redirect.html @@ -0,0 +1,171 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Test anchor and area policy attribute for Bug 1184781</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + + <!-- + Testing referrer headers after redirects. + https://bugzilla.mozilla.org/show_bug.cgi?id=1184781 + --> + + <script type="application/javascript"> + + const SJS = "://example.com/tests/dom/security/test/referrer-policy/referrer_testserver.sjs?"; + const PARAMS = ["ATTRIBUTE_POLICY", "NEW_ATTRIBUTE_POLICY", "META_POLICY", "RP_HEADER", "HSTS"]; + + const testCases = [ + {ACTION: ["generate-img-redirect-policy-test", "generate-iframe-redirect-policy-test"], + TESTS: [ + { + ATTRIBUTE_POLICY: "no-referrer", + NAME: "no-referrer-with-no-meta", + DESC: "no-referrer (img/iframe) with no meta", + RESULT: "none" + }, + { + ATTRIBUTE_POLICY: "origin", + NAME: "origin-with-no-meta", + DESC: "origin (img/iframe) with no meta", + RESULT: "origin" + }, + { + ATTRIBUTE_POLICY: "unsafe-url", + NAME: "unsafe-url-with-no-meta", + DESC: "unsafe-url (img/iframe) with no meta", + RESULT: "full" + }, + { + META_POLICY: "unsafe-url", + NAME: "unsafe-url-in-meta", + DESC: "unsafe-url in meta", + RESULT: "full" + }, + { + META_POLICY: "origin", + NAME: "origin-in-meta", + DESC: "origin in meta", + RESULT: "origin" + }, + { + META_POLICY: "no-referrer", + NAME: "no-referrer-in-meta", + DESC: "no-referrer in meta", + RESULT: "none" + }, + { + META_POLICY: "origin-when-cross-origin", + NAME: "origin-when-cross-origin-in-meta", + DESC: "origin-when-cross-origin in meta", + RESULT: "origin" + }, + { + ATTRIBUTE_POLICY: "no-referrer", + RP_HEADER: "origin", + NAME: "no-referrer-with-no-meta-origin-RP-header", + DESC: "no-referrer (img/iframe) with no meta, origin Referrer-Policy redirect header", + RESULT: "none" + }, + { + ATTRIBUTE_POLICY: "origin", + RP_HEADER: "no-referrer", + NAME: "origin-with-no-meta-no-referrer-RP-header", + DESC: "origin (img/iframe) with no meta, no-referrer Referrer-Policy redirect header", + RESULT: "none" + }, + { + ATTRIBUTE_POLICY: "unsafe-url", + RP_HEADER: "origin", + NAME: "unsafe-url-with-no-meta-origin-RP-header", + DESC: "unsafe-url (img/iframe) with no meta, origin Referrer-Policy redirect header", + RESULT: "origin" + }, + { + META_POLICY: "unsafe-url", + RP_HEADER: "origin", + NAME: "unsafe-url-in-meta-origin-RP-header", + DESC: "unsafe-url in meta, origin Referrer-Policy redirect header", + RESULT: "origin" + }, + { + META_POLICY: "origin", + RP_HEADER: "no-referrer", + NAME: "origin-in-meta-no-referrer-RP-header", + DESC: "origin in meta, no-referrer Referrer-Policy redirect header", + RESULT: "none" + }, + { + META_POLICY: "no-referrer", + RP_HEADER: "origin", + NAME: "no-referrer-in-meta-origin-RP-header", + DESC: "no-referrer in meta, origin Referrer-Policy redirect header", + RESULT: "none" + }, + { + META_POLICY: "origin-when-cross-origin", + RP_HEADER: "unsafe-url", + NAME: "origin-when-cross-origin-in-meta-unsafe-url-RP-header", + DESC: "origin-when-cross-origin in meta, unsafe-url Referrer-Policy redirect header", + RESULT: "origin" + } + ] + }, + // Check that "internal" redirects for mixed content upgrading + // are invisible, but not for HSTS upgrades (Bug 1857894). + { + ACTION: ["generate-img-policy-test"], + PREFS: [ + ["security.mixed_content.upgrade_display_content", true], + ["security.mixed_content.upgrade_display_content.image", true], + ], + TESTS: [ + { + META_POLICY: "strict-origin", + NAME: "img-strict-origin-mixed-content-upgrade", + DESC: "img-strict-origin-mixed-content-upgrade", + SCHEME_FROM: "https", + RESULT: "other-origin", + }, + ] + }, + { + ACTION: ["generate-img-policy-test"], + PREFS: [["security.mixed_content.upgrade_display_content", false]], + TESTS: [ + { + META_POLICY: "strict-origin", + NAME: "img-strict-origin-mixed-content-no-upgrade", + DESC: "img-strict-origin-mixed-content-no-upgrade", + SCHEME_FROM: "https", + RESULT: "none", + }, + ] + }, + { + ACTION: ["generate-img-policy-test"], + PREFS: [ + ["security.mixed_content.upgrade_display_content", false], + ["network.stricttransportsecurity.preloadlist", true], + ], + TESTS: [ + { + META_POLICY: "strict-origin", + NAME: "img-strict-origin-hsts-upgrade", + DESC: "img-strict-origin-hsts-upgrade", + SCHEME_FROM: "https", + RESULT: "none", + HSTS: true, + }, + ] + } + ]; + </script> + <script type="application/javascript" src="/tests/dom/security/test/referrer-policy/referrer_helper.js"></script> +</head> +<body onload="tests.next();"> + <iframe id="testframe"></iframe> +</body> +</html> + |