1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
<!DOCTYPE html>
<title>Prefetch with the referrer policy specified in speculation rules</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/common/subset-tests.js"></script>
<script src="/common/utils.js"></script>
<script src="../resources/utils.js"></script>
<script src="resources/utils.sub.js"></script>
<!--Split test cases due to the use of timeouts in speculation rules test utilities.-->
<meta name="variant" content="?1-1">
<meta name="variant" content="?2-2">
<meta name="variant" content="?3-3">
<meta name="variant" content="?4-4">
<meta name="variant" content="?5-5">
<meta name="variant" content="?6-6">
<meta name="variant" content="?7-last">
<script>
"use strict";
setup(() => assertSpeculationRulesIsSupported());
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("strict-origin-when-cross-origin");
const expectedReferrer = agent.getExecutorURL().origin + "/";
const nextURL = agent.getExecutorURL({ page: 2 });
await agent.forceSinglePrefetch(nextURL, { referrer_policy: "strict-origin" });
await agent.navigate(nextURL);
const headers = await agent.getRequestHeaders();
assert_prefetched(headers, "must be prefetched");
assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
}, 'with "strict-origin" referrer policy in rule set overriding "strict-origin-when-cross-origin" of referring page');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
const next_url = agent.getExecutorURL({ page: 2 });
await agent.execute_script((url) => {
const a = addLink(url);
a.referrerPolicy = 'no-referrer';
insertDocumentRule(undefined, { referrer_policy: 'strict-origin' });
}, [next_url]);
await new Promise(resolve => t.step_timeout(resolve, 2000));
await agent.navigate(next_url);
const headers = await agent.getRequestHeaders();
assert_prefetched(headers, 'must be prefetched');
const expected_referrer = next_url.origin + '/';
assert_equals(headers.referer, expected_referrer, 'must send the origin as the referrer');
}, 'with "strict-origin" referrer policy in rule set override "no-referrer" of link');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("unsafe-url");
const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
await agent.forceSinglePrefetch(
nextURL, { referrer_policy: "no-referrer", requires: ["anonymous-client-ip-when-cross-origin"] });
await agent.navigate(nextURL);
// This referring page's referrer policy would not be eligible for
// cross-site prefetching, but setting a sufficiently strict policy in the
// rule allows for prefetching.
const headers = await agent.getRequestHeaders();
assert_prefetched(headers, "must be prefetched");
assert_equals(headers.referer, '', "must send no referrer");
}, 'with "no-referrer" referrer policy in rule set overriding "unsafe-url" of cross-site referring page');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("strict-origin-when-cross-origin");
const nextURL = agent.getExecutorURL({ page: 2 });
await agent.forceSinglePrefetch(nextURL, { referrer_policy: "no-referrrrrrrer" });
await agent.navigate(nextURL);
const headers = await agent.getRequestHeaders();
assert_not_prefetched(headers, "must not be prefetched");
}, 'unrecognized policies invalidate the rule');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("strict-origin-when-cross-origin");
const nextURL = agent.getExecutorURL({ page: 2 });
await agent.forceSinglePrefetch(nextURL, { referrer_policy: "never" });
await agent.navigate(nextURL);
const headers = await agent.getRequestHeaders();
assert_not_prefetched(headers, "must not be prefetched");
}, 'treat legacy referrer policy values as invalid');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("strict-origin");
const expectedReferrer = agent.getExecutorURL().origin + "/";
const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
await agent.forceSinglePrefetch(
nextURL, { referrer_policy: "unsafe-url", requires: ["anonymous-client-ip-when-cross-origin"] });
await agent.navigate(nextURL);
// This referring page's referrer policy would normally make it eligible for
// cross-site prefetching, but setting an unacceptable policy in the rule
// makes it ineligible.
const headers = await agent.getRequestHeaders();
assert_not_prefetched(headers, "must not be prefetched");
assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
}, 'with "unsafe-url" referrer policy in rule set overriding "strict-origin" of cross-site referring page');
subsetTest(promise_test, async t => {
const agent = await spawnWindow(t);
await agent.setReferrerPolicy("strict-origin");
const expectedReferrer = agent.getExecutorURL().origin + "/";
const nextURL = agent.getExecutorURL({ page: 2 });
// The empty string is a valid value for "referrer_policy" and will be
// treated as if the key were omitted.
await agent.forceSinglePrefetch(nextURL, { referrer_policy: "" });
await agent.navigate(nextURL);
const headers = await agent.getRequestHeaders();
assert_prefetched(headers, "must be prefetched");
assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
}, 'with empty string referrer policy in rule set defaulting to "strict-origin" of referring page');
</script>
|