From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- dom/security/test/referrer-policy/browser.toml | 9 + .../referrer-policy/browser_fragment_navigation.js | 42 ++ ...rowser_referrer_disallow_cross_site_relaxing.js | 458 ++++++++++++++ .../referrer-policy/browser_referrer_telemetry.js | 126 ++++ .../referrer-policy/file_fragment_navigation.sjs | 21 + .../referrer-policy/img_referrer_testserver.sjs | 337 ++++++++++ dom/security/test/referrer-policy/mochitest.toml | 28 + .../test/referrer-policy/referrer_header.sjs | 6 + .../referrer_header_current_document_iframe.html | 12 + .../test/referrer-policy/referrer_helper.js | 129 ++++ .../test/referrer-policy/referrer_page.sjs | 39 ++ .../test/referrer-policy/referrer_testserver.sjs | 704 +++++++++++++++++++++ .../test/referrer-policy/test_img_referrer.html | 190 ++++++ .../test_referrer_header_current_document.html | 35 + .../referrer-policy/test_referrer_redirect.html | 171 +++++ 15 files changed, 2307 insertions(+) create mode 100644 dom/security/test/referrer-policy/browser.toml create mode 100644 dom/security/test/referrer-policy/browser_fragment_navigation.js create mode 100644 dom/security/test/referrer-policy/browser_referrer_disallow_cross_site_relaxing.js create mode 100644 dom/security/test/referrer-policy/browser_referrer_telemetry.js create mode 100644 dom/security/test/referrer-policy/file_fragment_navigation.sjs create mode 100644 dom/security/test/referrer-policy/img_referrer_testserver.sjs create mode 100644 dom/security/test/referrer-policy/mochitest.toml create mode 100644 dom/security/test/referrer-policy/referrer_header.sjs create mode 100644 dom/security/test/referrer-policy/referrer_header_current_document_iframe.html create mode 100644 dom/security/test/referrer-policy/referrer_helper.js create mode 100644 dom/security/test/referrer-policy/referrer_page.sjs create mode 100644 dom/security/test/referrer-policy/referrer_testserver.sjs create mode 100644 dom/security/test/referrer-policy/test_img_referrer.html create mode 100644 dom/security/test/referrer-policy/test_referrer_header_current_document.html create mode 100644 dom/security/test/referrer-policy/test_referrer_redirect.html (limited to 'dom/security/test/referrer-policy') diff --git a/dom/security/test/referrer-policy/browser.toml b/dom/security/test/referrer-policy/browser.toml new file mode 100644 index 0000000000..325b6a3f49 --- /dev/null +++ b/dom/security/test/referrer-policy/browser.toml @@ -0,0 +1,9 @@ +[DEFAULT] +support-files = ["referrer_page.sjs"] + +["browser_fragment_navigation.js"] +support-files = ["file_fragment_navigation.sjs"] + +["browser_referrer_disallow_cross_site_relaxing.js"] + +["browser_referrer_telemetry.js"] diff --git a/dom/security/test/referrer-policy/browser_fragment_navigation.js b/dom/security/test/referrer-policy/browser_fragment_navigation.js new file mode 100644 index 0000000000..c3d5e62854 --- /dev/null +++ b/dom/security/test/referrer-policy/browser_fragment_navigation.js @@ -0,0 +1,42 @@ +/* Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ */ + +"use strict"; + +const TEST_FILE = + "https://example.com/browser/dom/security/test/referrer-policy/file_fragment_navigation.sjs"; + +add_task(async function test_browser_navigation() { + await BrowserTestUtils.withNewTab(TEST_FILE, async browser => { + let loadPromise = BrowserTestUtils.browserLoaded(browser); + await SpecialPowers.spawn(browser, [], () => { + ok(content.document.getElementById("ok"), "Initial page should load"); + + info("Clicking on link to check referrer"); + content.document.getElementById("check_referrer").click(); + }); + await loadPromise; + + await SpecialPowers.spawn(browser, [], () => { + ok( + content.document.getElementById("ok"), + "Page should load when checking referrer" + ); + + info("Clicking on fragment link"); + content.document.getElementById("fragment").click(); + }); + + info("Reloading tab"); + loadPromise = BrowserTestUtils.browserLoaded(browser); + await BrowserTestUtils.reloadTab(gBrowser.selectedTab); + await loadPromise; + + await SpecialPowers.spawn(browser, [], () => { + ok( + content.document.getElementById("ok"), + "Page should load when checking referrer after fragment navigation and reload" + ); + }); + }); +}); diff --git a/dom/security/test/referrer-policy/browser_referrer_disallow_cross_site_relaxing.js b/dom/security/test/referrer-policy/browser_referrer_disallow_cross_site_relaxing.js new file mode 100644 index 0000000000..7f8df7b34b --- /dev/null +++ b/dom/security/test/referrer-policy/browser_referrer_disallow_cross_site_relaxing.js @@ -0,0 +1,458 @@ +/** + * Bug 1720294 - Testing disallow relaxing default referrer policy for + * cross-site requests. + */ + +"use strict"; + +requestLongerTimeout(6); + +const TEST_DOMAIN = "https://example.com/"; +const TEST_SAME_SITE_DOMAIN = "https://test1.example.com/"; +const TEST_SAME_SITE_DOMAIN_HTTP = "http://test1.example.com/"; +const TEST_CROSS_SITE_DOMAIN = "https://test1.example.org/"; +const TEST_CROSS_SITE_DOMAIN_HTTP = "http://test1.example.org/"; + +const TEST_PATH = "browser/dom/security/test/referrer-policy/"; + +const TEST_PAGE = `${TEST_DOMAIN}${TEST_PATH}referrer_page.sjs`; +const TEST_SAME_SITE_PAGE = `${TEST_SAME_SITE_DOMAIN}${TEST_PATH}referrer_page.sjs`; +const TEST_SAME_SITE_PAGE_HTTP = `${TEST_SAME_SITE_DOMAIN_HTTP}${TEST_PATH}referrer_page.sjs`; +const TEST_CROSS_SITE_PAGE = `${TEST_CROSS_SITE_DOMAIN}${TEST_PATH}referrer_page.sjs`; +const TEST_CROSS_SITE_PAGE_HTTP = `${TEST_CROSS_SITE_DOMAIN_HTTP}${TEST_PATH}referrer_page.sjs`; + +const REFERRER_FULL = 0; +const REFERRER_ORIGIN = 1; +const REFERRER_NONE = 2; + +function getExpectedReferrer(referrer, type) { + let res; + + switch (type) { + case REFERRER_FULL: + res = referrer; + break; + case REFERRER_ORIGIN: + let url = new URL(referrer); + res = `${url.origin}/`; + break; + case REFERRER_NONE: + res = ""; + break; + default: + ok(false, "unknown type"); + } + + return res; +} + +async function verifyResultInPage(browser, expected) { + await SpecialPowers.spawn(browser, [expected], value => { + is(content.document.referrer, value, "The document.referrer is correct."); + + let result = content.document.getElementById("result"); + is(result.textContent, value, "The referer header is correct"); + }); +} + +function getExpectedConsoleMessage(expected, isPrefOn, url) { + let msg; + + if (isPrefOn) { + msg = + "Referrer Policy: Ignoring the less restricted referrer policy “" + + expected + + "” for the cross-site request: " + + url; + } else { + msg = + "Referrer Policy: Less restricted policies, including " + + "‘no-referrer-when-downgrade’, ‘origin-when-cross-origin’ and " + + "‘unsafe-url’, will be ignored soon for the cross-site request: " + + url; + } + + return msg; +} + +function createConsoleMessageVerificationPromise(expected, isPrefOn, url) { + if (!expected) { + return Promise.resolve(); + } + + return new Promise(resolve => { + let listener = { + observe(msg) { + let message = msg.QueryInterface(Ci.nsIScriptError); + + if (message.category.startsWith("Security")) { + is( + message.errorMessage, + getExpectedConsoleMessage(expected, isPrefOn, url), + "The console message is correct." + ); + Services.console.unregisterListener(listener); + resolve(); + } + }, + }; + + Services.console.registerListener(listener); + }); +} + +function verifyNoConsoleMessage() { + // Verify that there is no referrer policy console message. + let allMessages = Services.console.getMessageArray(); + + for (let msg of allMessages) { + let message = msg.QueryInterface(Ci.nsIScriptError); + if ( + message.category.startsWith("Security") && + message.errorMessage.startsWith("Referrer Policy:") + ) { + ok(false, "There should be no console message for referrer policy."); + } + } +} + +const TEST_CASES = [ + // Testing that the referrer policy can be overridden with less restricted + // policy in the same-origin scenario. + { + policy: "unsafe-url", + referrer: TEST_PAGE, + test_url: TEST_PAGE, + expect: REFERRER_FULL, + original: REFERRER_FULL, + }, + // Testing that the referrer policy can be overridden with less restricted + // policy in the same-site scenario. + { + policy: "unsafe-url", + referrer: TEST_PAGE, + test_url: TEST_SAME_SITE_PAGE, + expect: REFERRER_FULL, + original: REFERRER_FULL, + }, + { + policy: "no-referrer-when-downgrade", + referrer: TEST_PAGE, + test_url: TEST_SAME_SITE_PAGE, + expect: REFERRER_FULL, + original: REFERRER_FULL, + }, + { + policy: "origin-when-cross-origin", + referrer: TEST_PAGE, + test_url: TEST_SAME_SITE_PAGE_HTTP, + expect: REFERRER_ORIGIN, + original: REFERRER_ORIGIN, + }, + // Testing that the referrer policy cannot be overridden with less restricted + // policy in the cross-site scenario. + { + policy: "unsafe-url", + referrer: TEST_PAGE, + test_url: TEST_CROSS_SITE_PAGE, + expect: REFERRER_ORIGIN, + expect_console: "unsafe-url", + original: REFERRER_FULL, + }, + { + policy: "no-referrer-when-downgrade", + referrer: TEST_PAGE, + test_url: TEST_CROSS_SITE_PAGE, + expect: REFERRER_ORIGIN, + expect_console: "no-referrer-when-downgrade", + original: REFERRER_FULL, + }, + { + policy: "origin-when-cross-origin", + referrer: TEST_PAGE, + test_url: TEST_CROSS_SITE_PAGE_HTTP, + expect: REFERRER_NONE, + expect_console: "origin-when-cross-origin", + original: REFERRER_ORIGIN, + }, + // Testing that the referrer policy can still be overridden with more + // restricted policy in the cross-site scenario. + { + policy: "no-referrer", + referrer: TEST_PAGE, + test_url: TEST_CROSS_SITE_PAGE, + expect: REFERRER_NONE, + original: REFERRER_NONE, + }, +]; + +add_setup(async function () { + await SpecialPowers.pushPrefEnv({ + set: [ + // Disable mixed content blocking to be able to test downgrade scenario. + ["security.mixed_content.block_active_content", false], + ], + }); +}); + +async function runTestIniFrame(gBrowser, enabled, expectNoConsole) { + await BrowserTestUtils.withNewTab( + { gBrowser, url: "about:blank" }, + async browser => { + for (let type of ["meta", "header"]) { + for (let test of TEST_CASES) { + info(`Test iframe: ${test.toSource()}`); + let referrerURL = `${test.referrer}?${type}=${test.policy}`; + let expected = enabled + ? getExpectedReferrer(referrerURL, test.expect) + : getExpectedReferrer(referrerURL, test.original); + + let expected_console = expectNoConsole + ? undefined + : test.expect_console; + + Services.console.reset(); + + BrowserTestUtils.startLoadingURIString(browser, referrerURL); + await BrowserTestUtils.browserLoaded(browser, false, referrerURL); + + let iframeURL = test.test_url + "?show"; + + let consolePromise = createConsoleMessageVerificationPromise( + expected_console, + enabled, + iframeURL + ); + // Create an iframe and load the url. + let bc = await SpecialPowers.spawn( + browser, + [iframeURL], + async url => { + let iframe = content.document.createElement("iframe"); + let loadPromise = ContentTaskUtils.waitForEvent(iframe, "load"); + iframe.src = url; + content.document.body.appendChild(iframe); + + await loadPromise; + + return iframe.browsingContext; + } + ); + + await verifyResultInPage(bc, expected); + await consolePromise; + if (!expected_console) { + verifyNoConsoleMessage(); + } + } + } + } + ); +} + +async function runTestForLinkClick(gBrowser, enabled, expectNoConsole) { + await BrowserTestUtils.withNewTab( + { gBrowser, url: "about:blank" }, + async browser => { + for (let type of ["meta", "header"]) { + for (let test of TEST_CASES) { + info(`Test link click: ${test.toSource()}`); + let referrerURL = `${test.referrer}?${type}=${test.policy}`; + let expected = enabled + ? getExpectedReferrer(referrerURL, test.expect) + : getExpectedReferrer(referrerURL, test.original); + + let expected_console = expectNoConsole + ? undefined + : test.expect_console; + + Services.console.reset(); + + BrowserTestUtils.startLoadingURIString(browser, referrerURL); + await BrowserTestUtils.browserLoaded(browser, false, referrerURL); + + let linkURL = test.test_url + "?show"; + + let consolePromise = createConsoleMessageVerificationPromise( + expected_console, + enabled, + linkURL + ); + + // Create the promise to wait for the navigation finishes. + let loadedPromise = BrowserTestUtils.browserLoaded( + browser, + false, + linkURL + ); + + // Generate the link and click it to navigate. + await SpecialPowers.spawn(browser, [linkURL], async url => { + let link = content.document.createElement("a"); + link.textContent = "Link"; + link.setAttribute("href", url); + + content.document.body.appendChild(link); + link.click(); + }); + + await loadedPromise; + + await verifyResultInPage(browser, expected); + await consolePromise; + if (!expected_console) { + verifyNoConsoleMessage(); + } + } + } + } + ); +} + +async function toggleETPForPage(gBrowser, url, toggle) { + let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, url); + + // First, Toggle ETP off for the test page. + let browserLoadedPromise = BrowserTestUtils.browserLoaded( + tab.linkedBrowser, + false, + url + ); + + if (toggle) { + gProtectionsHandler.enableForCurrentPage(); + } else { + gProtectionsHandler.disableForCurrentPage(); + } + + await browserLoadedPromise; + BrowserTestUtils.removeTab(tab); +} + +add_task(async function test_iframe() { + for (let enabled of [true, false]) { + await SpecialPowers.pushPrefEnv({ + set: [["network.http.referer.disallowCrossSiteRelaxingDefault", enabled]], + }); + + await runTestIniFrame(gBrowser, enabled); + } +}); + +add_task(async function test_iframe_pbmode() { + let win = await BrowserTestUtils.openNewBrowserWindow({ private: true }); + + for (let enabled of [true, false]) { + await SpecialPowers.pushPrefEnv({ + set: [ + [ + "network.http.referer.disallowCrossSiteRelaxingDefault.pbmode", + enabled, + ], + ], + }); + + await runTestIniFrame(win.gBrowser, enabled); + } + + await BrowserTestUtils.closeWindow(win); +}); + +add_task(async function test_link_click() { + for (let enabled of [true, false]) { + for (let enabled_top of [true, false]) { + await SpecialPowers.pushPrefEnv({ + set: [ + ["network.http.referer.disallowCrossSiteRelaxingDefault", enabled], + [ + "network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", + enabled_top, + ], + ], + }); + + // We won't show the console message if the strict rule is disabled for + // the top navigation. + await runTestForLinkClick(gBrowser, enabled && enabled_top, !enabled_top); + } + } +}); + +add_task(async function test_link_click_pbmode() { + let win = await BrowserTestUtils.openNewBrowserWindow({ private: true }); + + for (let enabled of [true, false]) { + for (let enabled_top of [true, false]) { + await SpecialPowers.pushPrefEnv({ + set: [ + [ + "network.http.referer.disallowCrossSiteRelaxingDefault.pbmode", + enabled, + ], + [ + "network.http.referer.disallowCrossSiteRelaxingDefault.pbmode.top_navigation", + enabled_top, + ], + // Disable https first mode for private browsing mode to test downgrade + // cases. + ["dom.security.https_first_pbm", false], + ], + }); + + // We won't show the console message if the strict rule is disabled for + // the top navigation in the private browsing window. + await runTestForLinkClick( + win.gBrowser, + enabled && enabled_top, + !enabled_top + ); + } + } + + await BrowserTestUtils.closeWindow(win); +}); + +add_task(async function test_iframe_etp_toggle_off() { + await SpecialPowers.pushPrefEnv({ + set: [["network.http.referer.disallowCrossSiteRelaxingDefault", true]], + }); + + // Open a new tab for the test page and toggle ETP off. + await toggleETPForPage(gBrowser, TEST_PAGE, false); + + // Run the test to see if the protection is disabled. We won't send console + // message if the protection was disabled by the ETP toggle. + await runTestIniFrame(gBrowser, false, true); + + // toggle ETP on again. + await toggleETPForPage(gBrowser, TEST_PAGE, true); + + // Run the test again to see if the protection is enabled. + await runTestIniFrame(gBrowser, true); +}); + +add_task(async function test_link_click_etp_toggle_off() { + await SpecialPowers.pushPrefEnv({ + set: [ + ["network.http.referer.disallowCrossSiteRelaxingDefault", true], + [ + "network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation", + true, + ], + ], + }); + + // Toggle ETP off for the cross site. Note that the cross site is the place + // where we test against the ETP permission for top navigation. + await toggleETPForPage(gBrowser, TEST_CROSS_SITE_PAGE, false); + + // Run the test to see if the protection is disabled. We won't send console + // message if the protection was disabled by the ETP toggle. + await runTestForLinkClick(gBrowser, false, true); + + // toggle ETP on again. + await toggleETPForPage(gBrowser, TEST_CROSS_SITE_PAGE, true); + + // Run the test again to see if the protection is enabled. + await runTestForLinkClick(gBrowser, true); +}); diff --git a/dom/security/test/referrer-policy/browser_referrer_telemetry.js b/dom/security/test/referrer-policy/browser_referrer_telemetry.js new file mode 100644 index 0000000000..7542dd9338 --- /dev/null +++ b/dom/security/test/referrer-policy/browser_referrer_telemetry.js @@ -0,0 +1,126 @@ +/** + * Bug 1720869 - Testing the referrer policy telemetry. + */ + +"use strict"; + +const TEST_DOMAIN = "https://example.com/"; +const TEST_CROSS_SITE_DOMAIN = "https://test1.example.org/"; + +const TEST_PATH = "browser/dom/security/test/referrer-policy/"; + +const TEST_PAGE = `${TEST_DOMAIN}${TEST_PATH}referrer_page.sjs`; +const TEST_CROSS_SITE_PAGE = `${TEST_CROSS_SITE_DOMAIN}${TEST_PATH}referrer_page.sjs`; + +// This matches to the order in ReferrerPolicy.webidl +const REFERRER_POLICY_INDEX = { + empty: 0, + "no-referrer": 1, + "no-referrer-when-downgrade": 2, + origin: 3, + "origin-when-cross-origin": 4, + "unsafe-url": 5, + "same-origin": 6, + "strict-origin": 7, + "strict-origin-when-cross-origin": 8, +}; + +const TEST_CASES = [ + { + policy: "", + expected: REFERRER_POLICY_INDEX.empty, + }, + { + policy: "no-referrer", + expected: REFERRER_POLICY_INDEX["no-referrer"], + }, + { + policy: "no-referrer-when-downgrade", + expected: REFERRER_POLICY_INDEX["no-referrer-when-downgrade"], + }, + { + policy: "origin", + expected: REFERRER_POLICY_INDEX.origin, + }, + { + policy: "origin-when-cross-origin", + expected: REFERRER_POLICY_INDEX["origin-when-cross-origin"], + }, + { + policy: "same-origin", + expected: REFERRER_POLICY_INDEX["same-origin"], + }, + { + policy: "strict-origin", + expected: REFERRER_POLICY_INDEX["strict-origin"], + }, + { + policy: "strict-origin-when-cross-origin", + expected: REFERRER_POLICY_INDEX["strict-origin-when-cross-origin"], + }, + { + policy: "unsafe-url", + expected: REFERRER_POLICY_INDEX["unsafe-url"], + }, +]; + +function clearTelemetry() { + Services.telemetry.getSnapshotForHistograms("main", true /* clear */); + Services.telemetry.getHistogramById("REFERRER_POLICY_COUNT").clear(); +} + +add_setup(async function () { + // Clear Telemetry probes before testing. + clearTelemetry(); +}); + +function verifyTelemetry(expected, isSameSite) { + // The record of cross-site loads is placed in the second half of the + // telemetry. + const offset = isSameSite ? 0 : Object.keys(REFERRER_POLICY_INDEX).length; + + let histograms = Services.telemetry.getSnapshotForHistograms( + "main", + false /* clear */ + ).parent; + + let referrerPolicyCountProbe = histograms.REFERRER_POLICY_COUNT; + + ok(referrerPolicyCountProbe, "The telemetry probe has been recorded."); + is( + referrerPolicyCountProbe.values[expected + offset], + 1, + "The telemetry is added correctly." + ); +} + +add_task(async function run_tests() { + for (let test of TEST_CASES) { + for (let sameSite of [true, false]) { + clearTelemetry(); + let referrerURL = `${TEST_PAGE}?header=${test.policy}`; + + await BrowserTestUtils.withNewTab(referrerURL, async browser => { + let iframeURL = sameSite + ? TEST_PAGE + "?show" + : TEST_CROSS_SITE_PAGE + "?show"; + + // Create an iframe and load the url. + await SpecialPowers.spawn(browser, [iframeURL], async url => { + let iframe = content.document.createElement("iframe"); + iframe.src = url; + + await new content.Promise(resolve => { + iframe.onload = () => { + resolve(); + }; + + content.document.body.appendChild(iframe); + }); + }); + + verifyTelemetry(test.expected, sameSite); + }); + } + } +}); diff --git a/dom/security/test/referrer-policy/file_fragment_navigation.sjs b/dom/security/test/referrer-policy/file_fragment_navigation.sjs new file mode 100644 index 0000000000..5fb6f0d826 --- /dev/null +++ b/dom/security/test/referrer-policy/file_fragment_navigation.sjs @@ -0,0 +1,21 @@ +/* Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ */ + +function handleRequest(request, response) { + if ( + request.queryString === "check_referrer" && + (!request.hasHeader("referer") || + request.getHeader("referer") !== + "https://example.com/browser/dom/security/test/referrer-policy/file_fragment_navigation.sjs") + ) { + response.setStatusLine(request.httpVersion, 400, "Bad Request"); + response.write("Did not receive referrer"); + } else { + response.setHeader("Content-Type", "text/html"); + response.write( + `OK +check_referrer +fragment` + ); + } +} diff --git a/dom/security/test/referrer-policy/img_referrer_testserver.sjs b/dom/security/test/referrer-policy/img_referrer_testserver.sjs new file mode 100644 index 0000000000..7fcc8d4914 --- /dev/null +++ b/dom/security/test/referrer-policy/img_referrer_testserver.sjs @@ -0,0 +1,337 @@ +var BASE_URL = + "example.com/tests/dom/security/test/referrer-policy/img_referrer_testserver.sjs"; +const IMG_BYTES = atob( + "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" + + "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==" +); + +function createTestUrl(aPolicy, aAction, aName, aContent) { + var content = aContent || "text"; + return ( + "http://" + + BASE_URL + + "?" + + "action=" + + aAction + + "&" + + "policy=" + + aPolicy + + "&" + + "name=" + + aName + + "&" + + "content=" + + content + ); +} + +function createTestPage(aHead, aImgPolicy, aName) { + var _createTestUrl = createTestUrl.bind(null, aImgPolicy, "test", aName); + + return ( + "\n\ + " + + aHead + + '\n\ + \n\ + \n\ + \n\ + " + ); +} + +// Creates the following test cases for the specified referrer +// policy combination: +// with referrer +function createTest(aPolicy, aImgPolicy, aName) { + var headString = ""; + if (aPolicy) { + headString += ''; + } + + headString += ""; + + return createTestPage(headString, aImgPolicy, aName); +} + +// testing regular load img with referrer policy +// speculative parser should not kick in here +function createTest2(aImgPolicy, name) { + return createTestPage("", aImgPolicy, name); +} + +function createTest3(aImgPolicy1, aImgPolicy2, aImgPolicy3, aName) { + return ( + '\n\ + \n\ + \n\ + \n\ + \n\ + \n\ + \n\ + \n\ + " + ); +} + +function createTestPage2(aHead, aPolicy, aName) { + return ( + "\n\ + " + + aHead + + '\n\ + \n\ + \n\ + \n\ + " + ); +} + +function createTestPage3(aHead, aPolicy, aName) { + return ( + "\n\ + " + + aHead + + "\n\ + \n\ + \n\ + " + ); +} + +function createTestPage4(aHead, aPolicy, aName) { + return ( + "\n\ + " + + aHead + + "\n\ + \n\ + \n\ + " + ); +} + +function createSetAttributeTest1(aPolicy, aImgPolicy, aName) { + var headString = ""; + headString += ''; + headString += ""; + + return createTestPage3(headString, aImgPolicy, aName); +} + +function createSetAttributeTest2(aPolicy, aImgPolicy, aName) { + var headString = ""; + headString += ''; + headString += ""; + + return createTestPage4(headString, aImgPolicy, aName); +} + +function createTest4(aPolicy, aName) { + var headString = ""; + headString += ''; + headString += ""; + + return createTestPage2(headString, aPolicy, aName); +} + +function createTest5(aPolicy, aName) { + var headString = ""; + headString += ''; + + return createTestPage2(headString, aPolicy, aName); +} + +function handleRequest(request, response) { + var sharedKey = "img_referrer_testserver.sjs"; + var params = request.queryString.split("&"); + var action = params[0].split("=")[1]; + + response.setHeader("Cache-Control", "no-cache", false); + response.setHeader("Content-Type", "text/html; charset=utf-8", false); + + if (action === "resetState") { + let state = getSharedState(sharedKey); + state = {}; + setSharedState(sharedKey, JSON.stringify(state)); + response.write(""); + return; + } + if (action === "test") { + // ?action=test&policy=origin&name=name&content=content + let policy = params[1].split("=")[1]; + let name = params[2].split("=")[1]; + let content = params[3].split("=")[1]; + let result = getSharedState(sharedKey); + + if (result === "") { + result = {}; + } else { + result = JSON.parse(result); + } + + if (!result.tests) { + result.tests = {}; + } + + var referrerLevel = "none"; + var test = {}; + if (request.hasHeader("Referer")) { + let referrer = request.getHeader("Referer"); + if (referrer.indexOf("img_referrer_testserver") > 0) { + referrerLevel = "full"; + } else if (referrer == "http://mochi.test:8888/") { + referrerLevel = "origin"; + } + test.referrer = request.getHeader("Referer"); + } else { + test.referrer = ""; + } + test.policy = referrerLevel; + test.expected = policy; + + result.tests[name] = test; + + setSharedState(sharedKey, JSON.stringify(result)); + + if (content === "image") { + response.setHeader("Content-Type", "image/png"); + response.write(IMG_BYTES); + } + return; + } + if (action === "get-test-results") { + // ?action=get-result + response.write(getSharedState(sharedKey)); + return; + } + if (action === "generate-img-policy-test") { + // ?action=generate-img-policy-test&imgPolicy=b64-encoded-string&name=name&policy=b64-encoded-string + let imgPolicy = unescape(params[1].split("=")[1]); + let name = unescape(params[2].split("=")[1]); + let metaPolicy = ""; + if (params[3]) { + metaPolicy = params[3].split("=")[1]; + } + + response.write(createTest(metaPolicy, imgPolicy, name)); + return; + } + if (action === "generate-img-policy-test2") { + // ?action=generate-img-policy-test2&imgPolicy=b64-encoded-string&name=name + let imgPolicy = unescape(params[1].split("=")[1]); + let name = unescape(params[2].split("=")[1]); + + response.write(createTest2(imgPolicy, name)); + return; + } + if (action === "generate-img-policy-test3") { + // ?action=generate-img-policy-test3&imgPolicy1=b64-encoded-string&imgPolicy2=b64-encoded-string&imgPolicy3=b64-encoded-string&name=name + let imgPolicy1 = unescape(params[1].split("=")[1]); + let imgPolicy2 = unescape(params[2].split("=")[1]); + let imgPolicy3 = unescape(params[3].split("=")[1]); + let name = unescape(params[4].split("=")[1]); + + response.write(createTest3(imgPolicy1, imgPolicy2, imgPolicy3, name)); + return; + } + if (action === "generate-img-policy-test4") { + // ?action=generate-img-policy-test4&imgPolicy=b64-encoded-string&name=name + let policy = unescape(params[1].split("=")[1]); + let name = unescape(params[2].split("=")[1]); + + response.write(createTest4(policy, name)); + return; + } + if (action === "generate-img-policy-test5") { + // ?action=generate-img-policy-test5&policy=b64-encoded-string&name=name + let policy = unescape(params[1].split("=")[1]); + let name = unescape(params[2].split("=")[1]); + + response.write(createTest5(policy, name)); + return; + } + + if (action === "generate-setAttribute-test1") { + // ?action=generate-setAttribute-test1&policy=b64-encoded-string&name=name + let imgPolicy = unescape(params[1].split("=")[1]); + let policy = unescape(params[2].split("=")[1]); + let name = unescape(params[3].split("=")[1]); + + response.write(createSetAttributeTest1(policy, imgPolicy, name)); + return; + } + + if (action === "generate-setAttribute-test2") { + // ?action=generate-setAttribute-test2&policy=b64-encoded-string&name=name + let imgPolicy = unescape(params[1].split("=")[1]); + let policy = unescape(params[2].split("=")[1]); + let name = unescape(params[3].split("=")[1]); + + response.write(createSetAttributeTest2(policy, imgPolicy, name)); + return; + } + + response.write("I don't know action " + action); +} diff --git a/dom/security/test/referrer-policy/mochitest.toml b/dom/security/test/referrer-policy/mochitest.toml new file mode 100644 index 0000000000..89a54ad554 --- /dev/null +++ b/dom/security/test/referrer-policy/mochitest.toml @@ -0,0 +1,28 @@ +[DEFAULT] +support-files = [ + "img_referrer_testserver.sjs", + "referrer_header.sjs", + "referrer_header_current_document_iframe.html", + "referrer_helper.js", + "referrer_testserver.sjs", +] + +["test_img_referrer.html"] +skip-if = [ + "http3", + "http2", +] + +["test_referrer_header_current_document.html"] +skip-if = [ + "http3", + "http2", +] + +["test_referrer_redirect.html"] +# Please keep alphabetical order. +skip-if = [ + "http3", + "http2", +] + diff --git a/dom/security/test/referrer-policy/referrer_header.sjs b/dom/security/test/referrer-policy/referrer_header.sjs new file mode 100644 index 0000000000..29c324b8f6 --- /dev/null +++ b/dom/security/test/referrer-policy/referrer_header.sjs @@ -0,0 +1,6 @@ +function handleRequest(request, response) { + response.setHeader("Referrer-Policy", "same-origin"); + response.write( + 'Loaded' + ); +} diff --git a/dom/security/test/referrer-policy/referrer_header_current_document_iframe.html b/dom/security/test/referrer-policy/referrer_header_current_document_iframe.html new file mode 100644 index 0000000000..5996c8ba8a --- /dev/null +++ b/dom/security/test/referrer-policy/referrer_header_current_document_iframe.html @@ -0,0 +1,12 @@ + + + + + + + Navigate + diff --git a/dom/security/test/referrer-policy/referrer_helper.js b/dom/security/test/referrer-policy/referrer_helper.js new file mode 100644 index 0000000000..b892017eef --- /dev/null +++ b/dom/security/test/referrer-policy/referrer_helper.js @@ -0,0 +1,129 @@ +// This helper expects these globals to be defined. +/* global PARAMS, SJS, testCases */ + +/* + * common functionality for iframe, anchor, and area referrer attribute tests + */ +const GET_RESULT = SJS + "ACTION=get-test-results"; +const RESET_STATE = SJS + "ACTION=resetState"; + +SimpleTest.waitForExplicitFinish(); +var advance = function () { + tests.next(); +}; + +/** + * Listen for notifications from the child. + * These are sent in case of error, or when the loads we await have completed. + */ +window.addEventListener("message", function (event) { + if (event.data == "childLoadComplete") { + // all loads happen, continue the test. + advance(); + } +}); + +/** + * helper to perform an XHR + * to do checkIndividualResults and resetState + */ +function doXHR(aUrl, onSuccess, onFail) { + // The server is at http[s]://example.com so we need cross-origin XHR. + var xhr = new XMLHttpRequest({ mozSystem: true }); + xhr.responseType = "json"; + xhr.onload = function () { + onSuccess(xhr); + }; + xhr.onerror = function () { + onFail(xhr); + }; + xhr.open("GET", "http" + aUrl, true); + xhr.send(null); +} + +/** + * Grabs the results via XHR and passes to checker. + */ +function checkIndividualResults(aTestname, aExpectedReferrer, aName) { + var onload = xhr => { + var results = xhr.response; + info(JSON.stringify(xhr.response)); + ok(aName in results, aName + " tests have to be performed."); + is( + results[aName].policy, + aExpectedReferrer, + aTestname + + " --- " + + results[aName].policy + + " (" + + results[aName].referrer + + ")" + ); + advance(); + }; + var onerror = xhr => { + ok(false, "Can't get results from the counter server."); + SimpleTest.finish(); + }; + doXHR(GET_RESULT, onload, onerror); +} + +function resetState() { + doXHR(RESET_STATE, advance, function (xhr) { + ok(false, "error in reset state"); + SimpleTest.finish(); + }); +} + +/** + * testing if referrer header is sent correctly + */ +var tests = (function* () { + yield SpecialPowers.pushPrefEnv( + { set: [["security.mixed_content.block_active_content", false]] }, + advance + ); + yield SpecialPowers.pushPrefEnv( + { set: [["network.http.referer.disallowCrossSiteRelaxingDefault", false]] }, + advance + ); + yield SpecialPowers.pushPermissions( + [{ type: "systemXHR", allow: true, context: document }], + advance + ); + + var iframe = document.getElementById("testframe"); + + for (var j = 0; j < testCases.length; j++) { + if (testCases[j].PREFS) { + yield SpecialPowers.pushPrefEnv({ set: testCases[j].PREFS }, advance); + } + + var actions = testCases[j].ACTION; + var subTests = testCases[j].TESTS; + for (var k = 0; k < actions.length; k++) { + var actionString = actions[k]; + for (var i = 0; i < subTests.length; i++) { + yield resetState(); + var searchParams = new URLSearchParams(); + searchParams.append("ACTION", actionString); + searchParams.append("NAME", subTests[i].NAME); + for (var l of PARAMS) { + if (subTests[i][l]) { + searchParams.append(l, subTests[i][l]); + } + } + var schemeFrom = subTests[i].SCHEME_FROM || "http"; + yield (iframe.src = schemeFrom + SJS + searchParams.toString()); + yield checkIndividualResults( + subTests[i].DESC, + subTests[i].RESULT, + subTests[i].NAME + ); + } + } + } + + // complete. + SimpleTest.finish(); +})(); diff --git a/dom/security/test/referrer-policy/referrer_page.sjs b/dom/security/test/referrer-policy/referrer_page.sjs new file mode 100644 index 0000000000..2cfae0d398 --- /dev/null +++ b/dom/security/test/referrer-policy/referrer_page.sjs @@ -0,0 +1,39 @@ +function handleRequest(request, response) { + let params = new URLSearchParams(request.queryString); + let referrerPolicyHeader = params.get("header") || ""; + let metaReferrerPolicy = params.get("meta") || ""; + let showReferrer = params.has("show"); + + if (referrerPolicyHeader) { + response.setHeader("Referrer-Policy", referrerPolicyHeader, false); + } + + let metaString = ""; + let resultString = ""; + + if (metaReferrerPolicy) { + metaString = ``; + } + + if (showReferrer) { + if (request.hasHeader("Referer")) { + resultString = `Referer Header: ${request.getHeader( + "Referer" + )}`; + } else { + resultString = `Referer Header: `; + } + } + + response.write( + ` + + + ${metaString} + + + ${resultString} + + ` + ); +} diff --git a/dom/security/test/referrer-policy/referrer_testserver.sjs b/dom/security/test/referrer-policy/referrer_testserver.sjs new file mode 100644 index 0000000000..9f112e88dc --- /dev/null +++ b/dom/security/test/referrer-policy/referrer_testserver.sjs @@ -0,0 +1,704 @@ +/* + * Test server for iframe, anchor, and area referrer attributes. + * https://bugzilla.mozilla.org/show_bug.cgi?id=1175736 + * Also server for further referrer tests such as redirecting tests + * bug 1174913, bug 1175736, bug 1184781 + */ + +const SJS = "referrer_testserver.sjs?"; +const SJS_PATH = "/tests/dom/security/test/referrer-policy/"; +const BASE_ORIGIN = "example.com"; +const BASE_URL = BASE_ORIGIN + SJS_PATH + SJS; +const SHARED_KEY = SJS; +const SAME_ORIGIN = "mochi.test:8888" + SJS_PATH + SJS; +const CROSS_ORIGIN_URL = "test1.example.com" + SJS_PATH + SJS; +const HSTS_URL = "includesubdomains.preloaded.test" + SJS_PATH + SJS; + +const IMG_BYTES = atob( + "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" + + "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==" +); + +function createTestUrl( + aPolicy, + aAction, + aName, + aType, + aSchemeFrom, + aSchemeTo, + crossOrigin, + referrerPolicyHeader +) { + var schemeTo = aSchemeTo || "http"; + var schemeFrom = aSchemeFrom || "http"; + var rpHeader = referrerPolicyHeader || ""; + var url = schemeTo + "://"; + url += crossOrigin ? CROSS_ORIGIN_URL : BASE_URL; + url += + "ACTION=" + + aAction + + "&" + + "policy=" + + aPolicy + + "&" + + "NAME=" + + aName + + "&" + + "type=" + + aType + + "&" + + "RP_HEADER=" + + rpHeader + + "&" + + "SCHEME_FROM=" + + schemeFrom; + return url; +} + +// test page using iframe referrer attribute +// if aParams are set this creates a test where the iframe url is a redirect +function createIframeTestPageUsingRefferer( + aMetaPolicy, + aAttributePolicy, + aNewAttributePolicy, + aName, + aParams, + aSchemeFrom, + aSchemeTo, + aChangingMethod +) { + var metaString = ""; + if (aMetaPolicy) { + metaString = ``; + } + var changeString = ""; + if (aChangingMethod === "setAttribute") { + changeString = `document.getElementById("myframe").setAttribute("referrerpolicy", "${aNewAttributePolicy}")`; + } else if (aChangingMethod === "property") { + changeString = `document.getElementById("myframe").referrerPolicy = "${aNewAttributePolicy}"`; + } + var iFrameString = ``; + var iframeUrl = ""; + if (aParams) { + aParams.delete("ACTION"); + aParams.append("ACTION", "redirectIframe"); + iframeUrl = "http://" + CROSS_ORIGIN_URL + aParams.toString(); + } else { + iframeUrl = createTestUrl( + aAttributePolicy, + "test", + aName, + "iframe", + aSchemeFrom, + aSchemeTo + ); + } + + return ` + + + ${metaString} + + + ${iFrameString} + + + `; +} + +function buildAnchorString( + aMetaPolicy, + aReferrerPolicy, + aName, + aRelString, + aSchemeFrom, + aSchemeTo +) { + if (aReferrerPolicy) { + return `${aReferrerPolicy}`; + } + return `link`; +} + +function buildAreaString( + aMetaPolicy, + aReferrerPolicy, + aName, + aRelString, + aSchemeFrom, + aSchemeTo +) { + var result = `image`; + result += ``; + if (aReferrerPolicy) { + result += `theArea`; + } else { + result += `theArea`; + } + result += ``; + + return result; +} + +// test page using anchor or area referrer attribute +function createAETestPageUsingRefferer( + aMetaPolicy, + aAttributePolicy, + aNewAttributePolicy, + aName, + aRel, + aStringBuilder, + aSchemeFrom, + aSchemeTo, + aChangingMethod +) { + var metaString = ""; + if (aMetaPolicy) { + metaString = ``; + } + var changeString = ""; + if (aChangingMethod === "setAttribute") { + changeString = `document.getElementById("link").setAttribute("referrerpolicy", "${aNewAttributePolicy}")`; + } else if (aChangingMethod === "property") { + changeString = `document.getElementById("link").referrerPolicy = "${aNewAttributePolicy}"`; + } + var relString = ""; + if (aRel) { + relString = `rel="noreferrer"`; + } + var elementString = aStringBuilder( + aMetaPolicy, + aAttributePolicy, + aName, + relString, + aSchemeFrom, + aSchemeTo + ); + + return ` + + ${metaString} + + ${elementString} + + + `; +} + +// test page using anchor target=_blank rel=noopener +function createTargetBlankRefferer( + aMetaPolicy, + aName, + aSchemeFrom, + aSchemeTo, + aRpHeader +) { + var metaString = ""; + if (aMetaPolicy) { + metaString = ``; + } + var elementString = `link`; + + return ` + + ${metaString} + + ${elementString} + + + `; +} + +// creates test page with img that is a redirect +function createImgTestCase(aParams, aAttributePolicy, aRedirect) { + var metaString = ""; + if (aParams.has("META_POLICY")) { + metaString = ``; + } + aParams.delete("ACTION"); + if (aRedirect) { + aParams.append("ACTION", "redirectImg"); + } else { + aParams.append("ACTION", "test"); + aParams.append("type", "img"); + } + var imgUrl = + "http://" + + (aParams.get("HSTS") ? HSTS_URL : CROSS_ORIGIN_URL) + + aParams.toString(); + + return ` + + + + ${metaString} + Test referrer policies on redirect (img) + + + + + + `; +} + +// test page using link referrer attribute +function createLinkPageUsingRefferer( + aMetaPolicy, + aAttributePolicy, + aNewAttributePolicy, + aName, + aRel, + aStringBuilder, + aSchemeFrom, + aSchemeTo, + aTestType +) { + var metaString = ""; + if (aMetaPolicy) { + metaString = ``; + } + + var changeString = ""; + var policy = aAttributePolicy ? aAttributePolicy : aMetaPolicy; + var elementString = aStringBuilder( + policy, + aName, + aRel, + aSchemeFrom, + aSchemeTo, + aTestType + ); + + if (aTestType === "setAttribute") { + changeString = `var link = document.getElementById("test_link"); + link.setAttribute("referrerpolicy", "${aNewAttributePolicy}"); + link.href = "${createTestUrl( + policy, + "test", + aName, + "link_element_" + aRel, + aSchemeFrom, + aSchemeTo + )}";`; + } else if (aTestType === "property") { + changeString = `var link = document.getElementById("test_link"); + link.referrerPolicy = "${aNewAttributePolicy}"; + link.href = "${createTestUrl( + policy, + "test", + aName, + "link_element_" + aRel, + aSchemeFrom, + aSchemeTo + )}";`; + } + + return ` + + + ${metaString} + + + ${elementString} + + + `; +} + +function createFetchUserControlRPTestCase( + aName, + aSchemeFrom, + aSchemeTo, + crossOrigin +) { + var srcUrl = createTestUrl( + "", + "test", + aName, + "fetch", + aSchemeFrom, + aSchemeTo, + crossOrigin + ); + + return ` + + + + Test user control referrer policies + + + + + `; +} + +function buildLinkString( + aPolicy, + aName, + aRel, + aSchemeFrom, + aSchemeTo, + aTestType +) { + var href = ""; + var onChildComplete = `window.parent.postMessage("childLoadComplete", "http://mochi.test:8888");`; + var policy = ""; + var asString = ""; + var relString = ""; + + if (aRel) { + relString = `rel="${aRel}"`; + } + + if (aPolicy) { + policy = `referrerpolicy=${aPolicy}`; + } + + if (aRel == "preload") { + asString = 'as="image"'; + } + + if (!aTestType) { + href = `href=${createTestUrl( + aPolicy, + "test", + aName, + "link_element_" + aRel, + aSchemeFrom, + aSchemeTo + )}`; + } + + return ``; +} +// eslint-disable-next-line complexity +function handleRequest(request, response) { + var params = new URLSearchParams(request.queryString); + var action = params.get("ACTION"); + var schemeFrom = params.get("SCHEME_FROM") || "http"; + var schemeTo = params.get("SCHEME_TO") || "http"; + var crossOrigin = params.get("CROSS_ORIGIN") || false; + var referrerPolicyHeader = params.get("RP_HEADER") || ""; + + response.setHeader("Access-Control-Allow-Origin", "*", false); + if (referrerPolicyHeader) { + response.setHeader("Referrer-Policy", referrerPolicyHeader, false); + } + + if (action === "resetState") { + setSharedState(SHARED_KEY, "{}"); + response.write(""); + return; + } + if (action === "get-test-results") { + // ?action=get-result + response.setHeader("Cache-Control", "no-cache", false); + response.setHeader("Content-Type", "text/plain", false); + response.write(getSharedState(SHARED_KEY)); + return; + } + if (action === "redirect") { + response.write( + '' + ); + return; + } + if (action === "redirectImg") { + params.delete("ACTION"); + params.append("ACTION", "test"); + params.append("type", "img"); + // 302 found, 301 Moved Permanently, 303 See Other, 307 Temporary Redirect + response.setStatusLine("1.1", 302, "found"); + response.setHeader( + "Location", + "http://" + CROSS_ORIGIN_URL + params.toString(), + false + ); + return; + } + if (action === "redirectIframe") { + params.delete("ACTION"); + params.append("ACTION", "test"); + params.append("type", "iframe"); + // 302 found, 301 Moved Permanently, 303 See Other, 307 Temporary Redirect + response.setStatusLine("1.1", 302, "found"); + response.setHeader( + "Location", + "http://" + CROSS_ORIGIN_URL + params.toString(), + false + ); + return; + } + if (action === "test") { + // ?action=test&policy=origin&name=name + let policy = params.get("policy"); + let name = params.get("NAME"); + let type = params.get("type"); + let result = getSharedState(SHARED_KEY); + + result = result ? JSON.parse(result) : {}; + + var referrerLevel = "none"; + var test = {}; + if (request.hasHeader("Referer")) { + var referrer = request.getHeader("Referer"); + if (referrer.indexOf("referrer_testserver") > 0) { + referrerLevel = "full"; + } else if (referrer.indexOf(schemeFrom + "://example.com") == 0) { + referrerLevel = "origin"; + } else { + // this is never supposed to happen + referrerLevel = "other-origin"; + } + test.referrer = referrer; + } else { + test.referrer = ""; + } + test.policy = referrerLevel; + test.expected = policy; + + result[name] = test; + + setSharedState(SHARED_KEY, JSON.stringify(result)); + + if (type === "img" || type == "link_element_preload") { + // return image + response.setHeader("Content-Type", "image/png"); + response.write(IMG_BYTES); + return; + } + if (type === "iframe") { + // return iframe page + response.write("I am the iframe"); + return; + } + if (type === "link") { + // forward link click to redirect URL to finish test + var loc = "http://" + BASE_URL + "ACTION=redirect"; + response.setStatusLine("1.1", 302, "Found"); + response.setHeader("Location", loc, false); + } + return; + } + + response.setHeader("Cache-Control", "no-cache", false); + response.setHeader("Content-Type", "text/html; charset=utf-8", false); + + // parse test arguments and start test + var attributePolicy = params.get("ATTRIBUTE_POLICY") || ""; + var newAttributePolicy = params.get("NEW_ATTRIBUTE_POLICY") || ""; + var metaPolicy = params.get("META_POLICY") || ""; + var rel = params.get("REL") || ""; + var name = params.get("NAME"); + + // anchor & area + var _getPage = createAETestPageUsingRefferer.bind( + null, + metaPolicy, + attributePolicy, + newAttributePolicy, + name, + rel + ); + var _getAnchorPage = _getPage.bind( + null, + buildAnchorString, + schemeFrom, + schemeTo + ); + var _getAreaPage = _getPage.bind(null, buildAreaString, schemeFrom, schemeTo); + + // aMetaPolicy, aAttributePolicy, aNewAttributePolicy, aName, aChangingMethod, aStringBuilder + if (action === "generate-anchor-policy-test") { + response.write(_getAnchorPage()); + return; + } + if (action === "generate-anchor-changing-policy-test-set-attribute") { + response.write(_getAnchorPage("setAttribute")); + return; + } + if (action === "generate-anchor-changing-policy-test-property") { + response.write(_getAnchorPage("property")); + return; + } + if (action === "generate-area-policy-test") { + response.write(_getAreaPage()); + return; + } + if (action === "generate-area-changing-policy-test-set-attribute") { + response.write(_getAreaPage("setAttribute")); + return; + } + if (action === "generate-area-changing-policy-test-property") { + response.write(_getAreaPage("property")); + return; + } + if (action === "generate-anchor-target-blank-policy-test") { + response.write( + createTargetBlankRefferer( + metaPolicy, + name, + schemeFrom, + schemeTo, + referrerPolicyHeader + ) + ); + return; + } + + // iframe + _getPage = createIframeTestPageUsingRefferer.bind( + null, + metaPolicy, + attributePolicy, + newAttributePolicy, + name, + "", + schemeFrom, + schemeTo + ); + + // aMetaPolicy, aAttributePolicy, aNewAttributePolicy, aName, aChangingMethod + if (action === "generate-iframe-policy-test") { + response.write(_getPage()); + return; + } + if (action === "generate-iframe-changing-policy-test-set-attribute") { + response.write(_getPage("setAttribute")); + return; + } + if (action === "generate-iframe-changing-policy-test-property") { + response.write(_getPage("property")); + return; + } + + // redirect tests with img and iframe + if (action === "generate-img-redirect-policy-test") { + response.write(createImgTestCase(params, attributePolicy, true)); + return; + } + if (action === "generate-iframe-redirect-policy-test") { + response.write( + createIframeTestPageUsingRefferer( + metaPolicy, + attributePolicy, + newAttributePolicy, + name, + params, + schemeFrom, + schemeTo + ) + ); + return; + } + + if (action === "generate-img-policy-test") { + response.write(createImgTestCase(params, attributePolicy, false)); + return; + } + + _getPage = createLinkPageUsingRefferer.bind( + null, + metaPolicy, + attributePolicy, + newAttributePolicy, + name, + rel + ); + var _getLinkPage = _getPage.bind(null, buildLinkString, schemeFrom, schemeTo); + + // link + if (action === "generate-link-policy-test") { + response.write(_getLinkPage()); + return; + } + if (action === "generate-link-policy-test-set-attribute") { + response.write(_getLinkPage("setAttribute")); + return; + } + if (action === "generate-link-policy-test-property") { + response.write(_getLinkPage("property")); + return; + } + + if (action === "generate-fetch-user-control-policy-test") { + response.write( + createFetchUserControlRPTestCase(name, schemeFrom, schemeTo, crossOrigin) + ); + return; + } + + response.write("I don't know action " + action); +} diff --git a/dom/security/test/referrer-policy/test_img_referrer.html b/dom/security/test/referrer-policy/test_img_referrer.html new file mode 100644 index 0000000000..fcc80929d2 --- /dev/null +++ b/dom/security/test/referrer-policy/test_img_referrer.html @@ -0,0 +1,190 @@ + + + + + Test img policy attribute for Bug 1166910 + + + + + + + + + + + + + diff --git a/dom/security/test/referrer-policy/test_referrer_header_current_document.html b/dom/security/test/referrer-policy/test_referrer_header_current_document.html new file mode 100644 index 0000000000..27dc54a21f --- /dev/null +++ b/dom/security/test/referrer-policy/test_referrer_header_current_document.html @@ -0,0 +1,35 @@ + + + + + Test referrer header not affecting document.referrer for current document for Bug 1601743 + + + + + + + + + + diff --git a/dom/security/test/referrer-policy/test_referrer_redirect.html b/dom/security/test/referrer-policy/test_referrer_redirect.html new file mode 100644 index 0000000000..df7a75a19c --- /dev/null +++ b/dom/security/test/referrer-policy/test_referrer_redirect.html @@ -0,0 +1,171 @@ + + + + + Test anchor and area policy attribute for Bug 1184781 + + + + + + + + + + + + + -- cgit v1.2.3