1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
<meta name=timeout content=long>
<title>reporting same origin with report-to</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/html/cross-origin-opener-policy/resources/common.js"></script>
<script
src="/html/cross-origin-opener-policy/reporting/resources/reporting-common.js?pipe=sub&report_id=6a739c25-0ec5-4832-b4a3-847281006857&report_only_id=f91209ee-b3a3-474b-b337-d663533745fb"></script>
<script>
let tests = [
// popup origin, popup COOP, popup COEP, popup COOP report only, popup COEP report only, expected reports
// Open a same-origin popup with a same-origin COOP and no COEP. Produces two
// reports (one from and one to). Both pages being same origin, the
// next/pervious document urls are available.
[
SAME_ORIGIN,
`same-origin; report-to="${popupReportEndpoint.name}"`,
"",
"",
"",
[
{
"endpoint": reportEndpoint,
"report": {
"body": {
"disposition": "enforce",
"effectivePolicy": "same-origin-allow-popups",
"nextResponseURL": /uuid=EXECUTOR_UUID$/, // next document URL
"type": "navigation-from-response"
},
"url": `${location.href}`,
"type": "coop"
}
},
{
"endpoint": popupReportEndpoint,
"report": {
"body": {
"disposition": "enforce",
"effectivePolicy": "same-origin",
"previousResponseURL": `${location.href}`, // previous documnent url
"referrer": `${location.origin}/`, // referrer (origin, as dictated by the referrer policy)
"type": "navigation-to-response"
},
"url": /uuid=EXECUTOR_UUID$/,
"type": "coop"
}
}
]
],
// Open a cross-origin popup with a same-origin-allow-popup COOP and noCOEP.
// Produces two reports (one from and one to). Both pages being cross origin,
// the next/pervious document urls are not available and the initial document
// url/referrer are used instead.
[
CROSS_ORIGIN,
`same-origin-allow-popups; report-to="${popupReportEndpoint.name}"`,
"require-corp",
"",
"",
[
{
"endpoint": reportEndpoint,
"report": {
"body": {
"disposition": "enforce",
"effectivePolicy": "same-origin-allow-popups",
"nextResponseURL": /uuid=EXECUTOR_UUID$/, // next document URL
"type": "navigation-from-response"
},
"url": `${location.href}`,
"type": "coop"
}
},
{
"endpoint": popupReportEndpoint,
"report": {
"body": {
"disposition": "enforce",
"effectivePolicy": "same-origin-allow-popups",
"previousResponseURL": ``,
"referrer": `${location.origin}/`, // referrer (origin, as dictated by the referrer policy)
"type": "navigation-to-response"
},
"url": /uuid=EXECUTOR_UUID$/,
"type": "coop"
}
}
]
],
// Open a cross-origin popup with a same-origin COOP and COEP, and no reporting.
// Produces one navigation-from-report for this document (the opener). The
// pages being cross origin, the next/pervious document urls are not available
// and the initial document url/referrer are used instead.
[
CROSS_ORIGIN,
`same-origin`,
"require-corp",
"",
"",
[
{
"endpoint": reportEndpoint,
"report": {
"body": {
"disposition": "enforce",
"effectivePolicy": "same-origin-allow-popups",
"nextResponseURL": /uuid=EXECUTOR_UUID$/, // initial navigation URL
"type": "navigation-from-response"
},
"url": `${location.href}`,
"type": "coop"
}
}
]
],
];
runNavigationReportingTests(document.title, tests);
</script>
|