diff options
Diffstat (limited to 'testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/referrer-unsafe-url.sub.html')
-rw-r--r-- | testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/referrer-unsafe-url.sub.html | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/referrer-unsafe-url.sub.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/referrer-unsafe-url.sub.html new file mode 100644 index 0000000000..443731c1b8 --- /dev/null +++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/referrer-unsafe-url.sub.html @@ -0,0 +1,81 @@ +<!DOCTYPE html> +<html> +<head> +<title>Referrer with the unsafe-url policy</title> +<meta name="referrer" content="unsafe-url"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +</head> +<body> +<script type="module"> + +// "name" parameter is necessary for bypassing the module map. + +import { referrer as referrerSame } from "./resources/referrer-checker.py?name=same"; + +import { referrer as referrerRemote } from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/module/resources/referrer-checker.py?name=remote"; + +import { referrer as referrerSameSame } from "./resources/import-referrer-checker.sub.js?name=same_same"; + +import { referrer as referrerSameRemote } from "./resources/import-remote-origin-referrer-checker.sub.js?name=same_remote"; + +import { referrer as referrerRemoteRemote } from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/module/resources/import-referrer-checker.sub.js?name=remote_remote"; + +import { referrer as referrerRemoteSame } from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/module/resources/import-same-origin-referrer-checker-from-remote-origin.sub.js?name=remote_same"; + +test(t => { + assert_equals( + referrerSame, location.href, + "Referrer should be sent for the same-origin top-level script."); +}, "Importing a same-origin top-level script with the unsafe-url policy."); + +test(t => { + assert_equals( + referrerRemote, location.href, + "Referrer should be sent for the remote-origin top-level script."); +}, "Importing a remote-origin top-level script with the unsafe-url policy."); + +test(t => { + const scriptURL = + new URL("resources/import-referrer-checker.sub.js", location.href) + assert_equals( + referrerSameSame, scriptURL + "?name=same_same", + "Referrer should be sent for the same-origin descendant script."); +}, "Importing a same-origin descendant script from a same-origin top-level " + + "script with the unsafe-url policy."); + +test(t => { + const scriptURL = + new URL("resources/import-remote-origin-referrer-checker.sub.js", + location.href) + assert_equals( + referrerSameRemote, scriptURL + "?name=same_remote", + "Referrer should be sent for the remote-origin descendant script."); +}, "Importing a remote-origin descendant script from a same-origin top-level " + + "script with the unsafe-url policy."); + +test(t => { + const scriptURL = + "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/" + + "scripting-1/the-script-element/module/resources/" + + "import-referrer-checker.sub.js"; + assert_equals( + referrerRemoteRemote, scriptURL + "?name=remote_remote", + "Referrer should be sent for the remote-origin descendant script."); +}, "Importing a remote-origin descendant script from a remote-origin " + + "top-level script with the unsafe-url policy."); + +test(t => { + const scriptURL = + "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/" + + "scripting-1/the-script-element/module/resources/" + + "import-same-origin-referrer-checker-from-remote-origin.sub.js"; + assert_equals( + referrerRemoteSame, scriptURL + "?name=remote_same", + "Referrer should be sent for the same-origin descendant script."); +}, "Importing a same-origin descendant script from a remote-origin " + + "top-level script with the unsafe-url policy."); + +</script> +</body> +</html> |