dom/base/test/test_anchor_target_blank_referrer.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139

<!DOCTYPE HTML>
<html>
<head>
  <meta charset="utf-8">
  <title>Test anchor target=_blank rel=noopener referrer header for Bug 1502678</title>
  <script src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"/>

  <!--
  Testing that anchor referrer header are honoured correctly
  * anchor tag with rel=noopener target=_blank
  https://bugzilla.mozilla.org/show_bug.cgi?id=1502678
  -->

  <script type="application/javascript">
  // We are going to open new tabs with target=_blank and rel=noopener
  // Listen a new tab is opened then close the new tab, otherwise we will lose
  // focus for the next tests
  const {BrowserTestUtils} = ChromeUtils.importESModule(
    "resource://testing-common/BrowserTestUtils.sys.mjs"
  );
  const gBrowser = Services.wm.getMostRecentWindow("navigator:browser").gBrowser;
  window.addEventListener("message", function(event) {
    if (event.data == "childLoadReady") {
      BrowserTestUtils.waitForNewTab(gBrowser, null,
        true).then(function(aNewTab) {
          BrowserTestUtils.removeTab(aNewTab);
          advance();
        });
    }
  });

  const SJS = "://example.com/tests/dom/base/test/referrer_testserver.sjs?";
  const PARAMS = ["RP_HEADER", "META_POLICY", "REL", "SCHEME_FROM", "SCHEME_TO"];

  const testCases = [
    {ACTION: ["generate-anchor-target-blank-policy-test"],
      PREFS: [
        ["dom.security.https_first", false], // need to test http and https
      ],
      TESTS: [
        // Referrer policy is set in meta
        {NAME: 'origin-in-meta-rel-noopener',
         META_POLICY: 'origin',
         DESC: "origin in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'origin'},
        {NAME: 'unsafe-url-in-meta-rel-noopener',
         META_POLICY: 'unsafe-url',
         DESC: "unsafe-url in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'full'},
        {NAME: 'no-referrer-in-meta-rel-noopener',
         META_POLICY: 'no-referrer',
         DESC: "no-referrer in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'strict-origin-in-meta-rel-noopener',
         META_POLICY: 'strict-origin',
         DESC: "strict-origin in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'strict-origin-when-cross-origin-in-meta-rel-noopener',
         META_POLICY: 'strict-origin-when-cross-origin',
         DESC: "strict-origin-when-cross-origin in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'same-origin-in-meta-rel-noopener',
         META_POLICY: 'same-origin',
         DESC: "same-origin in meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'no-meta-rel-noopener',
         META_POLICY: '',
         DESC: "no meta and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},

        // Referrer policy is set in Referrer-Policy Header
        {NAME: 'origin-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'origin',
         DESC: "origin in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'origin'},
        {NAME: 'unsafe-url-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'unsafe-url',
         DESC: "unsafe-url in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'full'},
        {NAME: 'no-referrer-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'no-referrer',
         DESC: "no-referrer in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'strict-origin-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'strict-origin',
         DESC: "strict-origin in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'strict-origin-when-cross-origin-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'strict-origin-when-cross-origin',
         DESC: "strict-origin-when-cross-origin in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'same-origin-in-referrer-policy-header-rel-noopener',
         RP_HEADER: 'same-origin',
         DESC: "same-origin in Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'},
        {NAME: 'no-referrer-policy-header-rel-noopener',
         RP_HEADER: '',
         DESC: "no Referrer-Policy Header and rel=noopener",
         SCHEME_FROM: 'https',
         SCHEME_TO: 'http',
         RESULT: 'none'}

      ]}
  ];
  </script>
  <script type="application/javascript" src="referrer_helper.js"></script>
</head>
<body onload="tests.next();">
  <iframe id="testframe"></iframe>
</body>
</html>