1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
<title>
COOP reports are sent when the openee used COOP-RO+COEP and then its
same-origin opener tries to access it.
</title>
<meta name=timeout content=long>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/common/get-host-info.sub.js></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/html/cross-origin-opener-policy/reporting/resources/reporting-common.js"></script>
<script src="/html/cross-origin-opener-policy/reporting/resources/try-access.js"></script>
<script>
const directory = "/html/cross-origin-opener-policy";
const redirect_path = directory + "/resources/redirect.py?";
const same_origin = get_host_info().HTTPS_ORIGIN;
let runTest = (openee_redirect, name) => promise_test(async t => {
const report_token = token();
const openee_token = token();
const opener_token = token(); // The current test window.
const opener_url = location.href;
const reportTo = reportToHeaders(report_token);
const openee_url = same_origin + executor_path + reportTo.header +
reportTo.coopReportOnlySameOriginHeader + coep_header +
`&uuid=${openee_token}`;
const openee_redirect_url = same_origin + redirect_path + openee_url
const openee_requested_url = openee_redirect ? openee_redirect_url
: openee_url;
const openee = window.open(openee_requested_url);
t.add_cleanup(() => send(openee_token, "window.close()"))
// 1. Make sure the new document to be loaded.
send(openee_token, `
send("${opener_token}", "Ready");
`);
let reply = await receive(opener_token);
assert_equals(reply, "Ready");
// 2. Try to access the openee. A report is sent, because of COOP-RO+COEP.
tryAccess(openee);
// 3. Check a report is sent to the openee.
let report =
await receiveReport(report_token, "access-to-coop-page-from-opener")
assert_equals(report.type, "coop");
assert_equals(report.url, openee_url.replace(/"/g, '%22'));
assert_equals(report.body.disposition, "reporting");
assert_equals(report.body.effectivePolicy, "same-origin-plus-coep");
assert_equals(report.body.property, "blur");
assert_source_location_missing(report);
assert_equals(report.body.openerURL, opener_url);
assert_equals(report.body.openeeURL, undefined);
assert_equals(report.body.otherDocumentURL, undefined);
assert_equals(report.body.referrer, opener_url);
assert_equals(report.body.initialPopupURL, undefined);
}, name);
runTest(false, "access-to-coop-page-from-opener, same-origin");
runTest(true , "access-to-coop-page-from-opener, same-origin + redirect");
</script>
|
