Adding upstream version 110.0.1.upstream/110.0.1 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 09:22:09 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 09:22:09 +0000
commit: 43a97878ce14b72f0981164f87f2e35e14151312 (patch)
tree: 620249daf56c0258faa40cbdcf9cfba06de2a846 /testing/web-platform/tests/permissions-policy/reporting
parent: Initial commit. (diff)
download: firefox-43a97878ce14b72f0981164f87f2e35e14151312.tar.xz
firefox-43a97878ce14b72f0981164f87f2e35e14151312.zip
59 files changed, 1181 insertions, 0 deletions
diff --git a/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html
new file mode 100644
index 0000000000..9688baa5b0
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src='/resources/testdriver-vendor.js'></script>
+    <script src='/bluetooth/resources/bluetooth-test.js'></script>
+  </head>
+  <body>
+    <script>
+
+function check_report_format([reports, observer]) {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "bluetooth");
+  assert_equals(report.body.disposition, "report");
+};
+
+bluetooth_test(() => {
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await navigator.bluetooth.getAvailability();
+    check_report_format(await report);
+  }, 'getAvailability in bluetooth report only mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await navigator.bluetooth.getDevices();
+    check_report_format(await report);
+  }, 'getDevices in bluetooth report only mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await test_driver.bless('Activate document for bluetooth.requestDevice');
+    await promise_rejects_js(t, TypeError, navigator.bluetooth.requestDevice({filters: []}), 'requestDevice() call should fail when no filters are selected.')
+
+    check_report_format(await report);
+  }, 'requestDevice in bluetooth report only mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await test_driver.bless('Activate document for bluetooth.requestLEScan');
+    await promise_rejects_js(t, TypeError, navigator.bluetooth.requestLEScan({filters: []}), 'requestLEScan() call should fail when no filters are selected.');
+
+    check_report_format(await report);
+  }, 'requestLEScan in bluetooth report only mode');
+});
+    </script>
+  </body>
+</html>
+\ No newline at end of file
diff --git a/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html.headers
new file mode 100644
index 0000000000..dfa8cf0090
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: bluetooth=()
+\ No newline at end of file
diff --git a/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html
new file mode 100644
index 0000000000..35b22122b9
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html
@@ -0,0 +1,83 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src='/resources/testdriver-vendor.js'></script>
+    <script src='/bluetooth/resources/bluetooth-test.js'></script>
+    <script src='../resources/permissions-policy-report-json.js'></script>
+  </head>
+  <body>
+    <script>
+
+function check_report_format([reports, observer]) {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "bluetooth");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+  check_report_json(report);
+};
+
+bluetooth_test(() => {
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    try {
+      await navigator.bluetooth.getAvailability().then(availability => {
+        assert_false(availability);
+      });
+    } catch(e) {
+      assert_unreached('getAvailability should return false when Bluetooth access is disallowed.');
+    }
+    check_report_format(await report);
+  }, 'getAvailability in bluetooth reporting mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await promise_rejects_dom(
+        t, 'SecurityError', navigator.bluetooth.getDevices(),
+        'Bluetooth access should not be allowed in this document.');
+    check_report_format(await report);
+  }, 'getDevices in bluetooth reporting mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await test_driver.bless('Activate document for bluetooth.requestDevice');
+    await promise_rejects_dom(
+        t, 'SecurityError', navigator.bluetooth.requestDevice(),
+        'Bluetooth access should not be allowed in this document.');
+    check_report_format(await report);
+  }, 'requestDevice in bluetooth reporting mode');
+
+  promise_test(async t => {
+    const report = new Promise(resolve => {
+      new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                            {types: ['permissions-policy-violation']}).observe();
+    });
+
+    await test_driver.bless('Activate document for bluetooth.requestLEScan');
+    await promise_rejects_dom(
+        t, 'SecurityError', navigator.bluetooth.requestLEScan(),
+        'Bluetooth access should not be allowed in this document.');
+    check_report_format(await report);
+  }, 'requestLEScan in bluetooth reporting mode');
+});
+    </script>
+  </body>
+</html>
+\ No newline at end of file
diff --git a/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html.headers
new file mode 100644
index 0000000000..10b94729dd
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/bluetooth-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: bluetooth=()
+\ No newline at end of file
diff --git a/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html
new file mode 100644
index 0000000000..2cf20c28a7
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+    <script src="../../mediacapture-streams/permission-helper.js"></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "camera");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await test_driver.bless('Activate document for user media');
+  await setMediaPermission("granted", ["camera"]);
+  await navigator.mediaDevices.getUserMedia({video: true});
+  check_report_format(await report);
+}, "Camera report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html.headers
new file mode 100644
index 0000000000..71a1cca5be
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/camera-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: camera=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html
new file mode 100644
index 0000000000..9cf1b18002
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src='/resources/testdriver-vendor.js'></script>
+    <script src='../../mediacapture-streams/permission-helper.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("Camera Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "camera");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+setMediaPermission("granted", ["camera"]).then(() => navigator.mediaDevices.getUserMedia({video: true})).then(
+  t.unreached_func("UserMedia camera access should not be allowed in this document.")
+).catch(() => {});
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html.headers
new file mode 100644
index 0000000000..6fcbae1419
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/camera-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: camera=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html
new file mode 100644
index 0000000000..72a1ca2368
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "encrypted-media");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await navigator.requestMediaKeySystemAccess("org.w3.clearkey",
+      [{
+        initDataTypes: ["webm"],
+        videoCapabilities: [{contentType: 'video/webm;codecs="vp8"'}],
+      }]);
+  check_report_format(await report);
+}, "Encrypted Media report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html.headers
new file mode 100644
index 0000000000..0d5480e2a6
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: encrypted-media=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html
new file mode 100644
index 0000000000..32a5a2cc48
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "encrypted-media");
+  assert_equals(report.body.disposition, "enforce");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await promise_rejects_dom(t, "SecurityError",
+    navigator.requestMediaKeySystemAccess("org.w3.clearkey",
+      [{
+        initDataTypes: ["webm"],
+        videoCapabilities: [{contentType: 'video/webm;codecs="vp8"'}],
+      }]),
+      "requestMediaKeySystemAccess() should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "Encrypted Media report format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html.headers
new file mode 100644
index 0000000000..9505c02dae
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/encrypted-media-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: encrypted-media=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html
new file mode 100644
index 0000000000..caf31f6b79
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+  </head>
+  <body>
+    <div id='fs'></div>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "fullscreen");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await test_driver.bless('Activate document for fullscreen');
+  await document.getElementById('fs').requestFullscreen();
+  check_report_format(await report);
+  document.exitFullscreen();
+}, "Fullscreen report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html.headers b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html.headers
new file mode 100644
index 0000000000..384d778c9a
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-report-only.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: fullscreen=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html
new file mode 100644
index 0000000000..d7b905744d
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html
@@ -0,0 +1,45 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <div id='fs'></div>
+    <script>
+var observer1;
+var observer2;
+
+var check_report_format = (reports, observer) => {
+  // Test that observer2 is notified, even if it is disconnected.
+  observer1.disconnect();
+  observer2.disconnect();
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "fullscreen");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+var check_second_observer = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "fullscreen");
+};
+
+async_test(t => {
+  observer1 = new ReportingObserver(t.step_func(check_report_format),
+                                    {types: ['permissions-policy-violation']});
+  observer1.observe();
+  observer2 = new ReportingObserver(t.step_func_done(check_second_observer),
+                                    {types: ['permissions-policy-violation']});
+  observer2.observe();
+  document.getElementById('fs').requestFullscreen().then(t.unreached_func(
+    "Fullscreen should not be allowed in this document.")).catch(()=>{});
+}, "Fullscreen Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html.headers b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html.headers
new file mode 100644
index 0000000000..a65abd6e45
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/fullscreen-reporting.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: fullscreen=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html
new file mode 100644
index 0000000000..21fb850391
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var sensor_features_verified = {
+  "accelerometer": false,
+  "ambient-light-sensor": false,
+  "magnetometer": false,
+  "gyroscope": false
+};
+
+var check_report_format = function(reports, observer) {
+  // Check each report in this batch. This observer callback may be called
+  // multiple times before all reports have been processed.
+  for (const report of reports) {
+
+    // Validate that the reported feature is one of the sensor features, and that
+    // we have not seen a report for this feature before.
+    assert_true(sensor_features_verified.hasOwnProperty(report.body.featureId));
+    assert_false(sensor_features_verified[report.body.featureId]);
+
+    // Validate the remainder of the report
+    assert_equals(report.type, "permissions-policy-violation");
+    assert_equals(report.url, document.location.href);
+    assert_equals(report.body.sourceFile, document.location.href);
+    assert_equals(typeof report.body.lineNumber, "number");
+    assert_equals(typeof report.body.columnNumber, "number");
+    assert_equals(report.body.disposition, "report");
+
+    sensor_features_verified[report.body.featureId] = true;
+  }
+
+  // Test is only done when reports for all features have been seen
+  for (let result of Object.values(sensor_features_verified)) {
+    if (!result)
+      return;
+  }
+  this.done();
+};
+
+async_test(t => {
+  new ReportingObserver(t.step_func(check_report_format),
+                        {types: ['permissions-policy-violation']}).observe();
+  new Accelerometer();
+  new AmbientLightSensor();
+  new Gyroscope();
+  new Magnetometer();
+}, "Generic Sensor report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html.headers
new file mode 100644
index 0000000000..2a51586203
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: ambient-light-sensor=(), accelerometer=(), gyroscope=(), magnetometer=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html
new file mode 100644
index 0000000000..c29c069ee3
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var sensor_features_verified = {
+  "accelerometer": false,
+  "ambient-light-sensor": false,
+  "magnetometer": false,
+  "gyroscope": false
+};
+
+var check_report_format = function(reports, observer) {
+  // Check each report in this batch. This observer callback may be called
+  // multiple times before all reports have been processed.
+  for (const report of reports) {
+
+    // Validate that the reported feature is one of the sensor features, and that
+    // we have not seen a report for this feature before.
+    assert_true(sensor_features_verified.hasOwnProperty(report.body.featureId));
+    assert_false(sensor_features_verified[report.body.featureId]);
+
+    // Validate the remainder of the report
+    assert_equals(report.type, "permissions-policy-violation");
+    assert_equals(report.url, document.location.href);
+    assert_equals(report.body.sourceFile, document.location.href);
+    assert_equals(typeof report.body.lineNumber, "number");
+    assert_equals(typeof report.body.columnNumber, "number");
+    assert_equals(report.body.disposition, "enforce");
+
+    sensor_features_verified[report.body.featureId] = true;
+  }
+
+  // Test is only done when reports for all features have been seen
+  for (let result of Object.values(sensor_features_verified)) {
+    if (!result)
+      return;
+  }
+  this.done();
+};
+
+async_test(t => {
+  new ReportingObserver(t.step_func(check_report_format),
+                        {types: ['permissions-policy-violation']}).observe();
+  assert_throws_dom("SecurityError", () => new Accelerometer(), "Constructing sensors should be blocked by policy");
+  assert_throws_dom("SecurityError", () => new AmbientLightSensor(), "Constructing sensors should be blocked by policy");
+  assert_throws_dom("SecurityError", () => new Gyroscope(), "Constructing sensors should be blocked by policy");
+  assert_throws_dom("SecurityError", () => new Magnetometer(), "Constructing sensors should be blocked by policy");
+}, "Generic Sensor Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html.headers
new file mode 100644
index 0000000000..b0ebb72e9c
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/generic-sensor-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: ambient-light-sensor=(),accelerometer=(),gyroscope=(),magnetometer=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html
new file mode 100644
index 0000000000..abffd62cfc
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "geolocation");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  try {
+    await new Promise((resolve, reject) => {
+      navigator.geolocation.getCurrentPosition(resolve, reject);
+    });
+    check_report_format(await report);
+  } catch (err) {
+    // In case the getCurrentPosition call was rejected due to user permissions,
+    // the report should be generated anyway. Wait for it and check the format
+    // before failing this test.
+    check_report_format(await report);
+    throw err;
+  }
+}, "Geolocation report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html.headers
new file mode 100644
index 0000000000..c7e5f25bc5
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/geolocation-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: geolocation=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html
new file mode 100644
index 0000000000..e0eb275bcc
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("Geolocation Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "geolocation");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+navigator.geolocation.getCurrentPosition(
+  t.unreached_func("geolocation should be disabled in this document"),
+  () => {});
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html.headers
new file mode 100644
index 0000000000..26bfbc2496
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/geolocation-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: geolocation=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/image.bmp b/testing/web-platform/tests/permissions-policy/reporting/image.bmp
new file mode 100644
index 0000000000..f2b88690fc
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/image.bmp
diff --git a/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html
new file mode 100644
index 0000000000..1b9b87f442
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+    <script src='../../mediacapture-streams/permission-helper.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "microphone");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await test_driver.bless('Activate document for user media');
+  await setMediaPermission();
+  await navigator.mediaDevices.getUserMedia({audio: true});
+  check_report_format(await report);
+}, "Microphone report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html.headers
new file mode 100644
index 0000000000..adcf95e9e2
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/microphone-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: microphone=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html
new file mode 100644
index 0000000000..5b4c2121e3
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src=/resources/testdriver.js></script>
+    <script src=/resources/testdriver-vendor.js></script>
+    <script src='../../mediacapture-streams/permission-helper.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("Microphone Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "microphone");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+setMediaPermission().then(() => navigator.mediaDevices.getUserMedia({audio: true})).then(
+  t.unreached_func("UserMedia microphone access should not be allowed in this document.")
+).catch(() => {});
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html.headers
new file mode 100644
index 0000000000..ae65ea5c73
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/microphone-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: microphone=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html
new file mode 100644
index 0000000000..3aa12dcfb5
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html
@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "midi");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  try {
+    await navigator.requestMIDIAccess();
+    check_report_format(await report);
+  } catch (err) {
+    // In case the requestMIDIAccess call was rejected due to user permissions,
+    // the report should be generated anyway. Wait for it and check the format
+    // before failing this test.
+    check_report_format(await report);
+    throw err;
+  }
+}, "MIDI report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html.headers
new file mode 100644
index 0000000000..10570f6044
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/midi-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: midi=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html
new file mode 100644
index 0000000000..6cc07f5371
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "midi");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+promise_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await promise_rejects_dom(t, 'SecurityError', navigator.requestMIDIAccess(),
+                        "MIDI device access should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "MIDI Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html.headers
new file mode 100644
index 0000000000..1fa88c3a59
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/midi-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: midi=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html
new file mode 100644
index 0000000000..f1b1b433f5
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src='/resources/testdriver-vendor.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "payment");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  try {
+    await test_driver.bless();
+    const request = new PaymentRequest(
+      [{ supportedMethods: 'https://example.com/pay' }],
+      { total: { label: 'Total', amount: { currency: 'USD', value: 0 }}},
+      {});
+    await request.show()
+    check_report_format(await report);
+  } catch (err) {
+    // In case the show call was rejected, the report should be generated
+    // anyway. Wait for it and check the format before failing this test.
+    check_report_format(await report);
+    throw err;
+  }
+}, "PaymentRequest report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html.headers
new file mode 100644
index 0000000000..25be8168ab
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/payment-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: payment=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html
new file mode 100644
index 0000000000..f639c2b7c6
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='../resources/permissions-policy-report-json.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("PaymentRequest Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "payment");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+  check_report_json(report);
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+t.step_func(() => {
+  assert_throws_dom('SecurityError',
+  () => new PaymentRequest(
+    [{ supportedMethods: 'https://example.com/pay' }],
+    { total: { label: 'Total', amount: { currency: 'USD', value: 0 }}},
+    {}).show(),
+  "PaymentRequest API should not be allowed in this document.");
+})();
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html.headers
new file mode 100644
index 0000000000..49f799d138
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/payment-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: payment=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html
new file mode 100644
index 0000000000..0caa2ae953
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/common/media.js'></script>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src="/resources/testdriver.js"></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+    <script src='../resources/picture-in-picture.js'></script>
+  </head>
+  <body>
+    <script>
+const check_report_format = ([reports, observer]) => {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "picture-in-picture");
+  assert_equals(report.body.disposition, "report");
+};
+
+const loadVideo = () => new Promise(resolve => {
+    const video = document.createElement('video');
+    video.src = getVideoURI('/media/movie_5');
+    video.addEventListener('loadedmetadata', () => {
+      resolve(video);
+    }, { once: true });
+});
+
+promise_pip_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  const videoElement = await loadVideo();
+  await test_driver.bless('picture-in-picture');
+  await videoElement.requestPictureInPicture();
+  check_report_format(await report);
+}, "Picture-in-Picture report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html.headers b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html.headers
new file mode 100644
index 0000000000..0f73e39c58
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-report-only.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: picture-in-picture=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html
new file mode 100644
index 0000000000..177e4d5c02
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html
@@ -0,0 +1,46 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/common/media.js'></script>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src="/resources/testdriver.js"></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+    <script src='../resources/picture-in-picture.js'></script>
+  </head>
+  <body>
+    <script>
+const check_report_format = (reports, observer) => {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "picture-in-picture");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+const loadVideo = () => new Promise(resolve => {
+    const video = document.createElement('video');
+    video.src = getVideoURI('/media/movie_5');
+    video.addEventListener('loadedmetadata', () => {
+      resolve(video);
+    }, { once: true });
+});
+
+promise_pip_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  const videoElement = await loadVideo();
+  await test_driver.bless('picture-in-picture');
+  await promise_rejects_dom(t, 'SecurityError', videoElement.requestPictureInPicture(),
+                        "Picture-in-Picture should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "Picture-in-Picture Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html.headers b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html.headers
new file mode 100644
index 0000000000..12fc99b50b
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/picture-in-picture-reporting.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: picture-in-picture=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html
new file mode 100644
index 0000000000..4ddfc69f86
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html
@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+      promise_test(async (t) => {
+        const reportPromise = new Promise(resolve => {
+          new ReportingObserver((reports, observer) => resolve(reports),
+                                {types: ["permissions-policy-violation"]}).observe();
+        });
+        // Even though we do not explicitly allow screen wake lock requests in
+        // testdriver, per spec Permissions Policy checks should happen earlier.
+        await promise_rejects_dom(t, 'NotAllowedError', navigator.wakeLock.request("screen"),
+                                  "Screen Wake Lock should not be allowed in this document.");
+        const reports = await reportPromise;
+
+        assert_equals(reports.length, 1);
+        const report = reports[0];
+        assert_equals(report.type, "permissions-policy-violation");
+        assert_equals(report.url, document.location.href);
+        assert_equals(report.body.featureId, "screen-wake-lock");
+        assert_equals(report.body.sourceFile, document.location.href);
+        assert_equals(typeof report.body.lineNumber, "number");
+        assert_equals(typeof report.body.columnNumber, "number");
+        assert_equals(report.body.disposition, "enforce");
+      }, "Screen Wake Lock Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html.headers
new file mode 100644
index 0000000000..66f07f4c1c
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/screen-wake-lock-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: screen-wake-lock=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html
new file mode 100644
index 0000000000..3a410362de
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html
@@ -0,0 +1,46 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+  </head>
+  <body>
+    <div id='fs'></div>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "serial");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+
+  await test_driver.bless('Activate document for serial.requestPort');
+  try {
+    await navigator.serial.requestPort({filters: []});
+    assert_unreached('requestPort() call should fail when no port is selected.');
+  } catch (e) {
+    assert_equals(e.code, DOMException.NOT_FOUND_ERR);
+  }
+  check_report_format(await report);
+}, "requestPort in serial report only mode");
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+
+  await navigator.serial.getPorts();
+  check_report_format(await report);
+}, "getPorts in serial report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html.headers
new file mode 100644
index 0000000000..cee26394d3
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/serial-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: serial=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html
new file mode 100644
index 0000000000..c96d8f878a
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html
@@ -0,0 +1,54 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "serial");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+
+  await test_driver.bless('Activate document for serial.requestPort');
+  try {
+    await navigator.serial.requestPort({ filters: [] });
+    assert_unreached("Serial port access should not be allowed in this document.");
+  } catch (e) {
+    assert_equals(e.code, DOMException.SECURITY_ERR);
+  }
+  check_report_format(await report);
+}, "requestPort in serial reporting mode");
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+
+  try {
+    await navigator.serial.getPorts();
+    assert_unreached("Serial port access should not be allowed in this document.");
+  } catch (e) {
+    assert_equals(e.code, DOMException.SECURITY_ERR);
+  }
+  check_report_format(await report);
+}, "getPorts in serial reporting mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html.headers
new file mode 100644
index 0000000000..690b696751
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/serial-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: serial=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html
new file mode 100644
index 0000000000..29b1368a2e
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+const check_report_format = ([reports, observer]) => {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "sync-xhr");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  const xhr = new XMLHttpRequest();
+  xhr.open("GET", document.location.href, false);
+  xhr.send();
+  check_report_format(await report);
+}, "Sync-xhr report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html.headers b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html.headers
new file mode 100644
index 0000000000..ce914048e1
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-report-only.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: sync-xhr=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html
new file mode 100644
index 0000000000..a8fdb09ece
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='../resources/permissions-policy-report-json.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("Sync-xhr Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "sync-xhr");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+  check_report_json(report);
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+t.step_func(() => {
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", document.location.href, false);
+  assert_throws_dom('NetworkError',
+    () => xhr.send(),
+    "Synchronous XHR.send should throw an exception when disabled");
+})();
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html.headers b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html.headers
new file mode 100644
index 0000000000..7f375e0b75
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/sync-xhr-reporting.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: sync-xhr=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html
new file mode 100644
index 0000000000..5a96531115
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+    <script src='/resources/testdriver.js'></script>
+    <script src="/resources/testdriver-vendor.js"></script>
+  </head>
+  <body>
+    <div id='fs'></div>
+    <script>
+var check_report_format = ([reports, observer]) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.body.featureId, "usb");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await test_driver.bless('Activate document for USB');
+  await navigator.usb.getDevices();
+  check_report_format(await report);
+}, "USB report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html.headers
new file mode 100644
index 0000000000..f4b92eadd9
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/usb-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: usb=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html
new file mode 100644
index 0000000000..1ec5ba4370
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var t = async_test("USB Report Format");
+
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "usb");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+new ReportingObserver(t.step_func_done(check_report_format),
+                      {types: ['permissions-policy-violation']}).observe();
+
+navigator.usb.getDevices().then(
+  t.unreached_func("USB device access should not be allowed in this document.")
+).catch(() => {});
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html.headers
new file mode 100644
index 0000000000..ff22d62f10
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/usb-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: usb=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html b/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html
new file mode 100644
index 0000000000..f39ecf3432
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+const check_report_format = ([reports, observer]) => {
+  const report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "xr-spatial-tracking");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "report");
+};
+
+promise_test(async t => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  try {
+    let supported = await navigator.xr.isSessionSupported('immersive-vr');
+  } catch (err) {
+    // IsSessionSupported should only throw with a permissions policy violation;
+    // however, inline does not trigger the permissions policy,
+    // so immersive-vr must be used.
+    assert_unreached("isSessionSupported should not throw in ReportOnly mode");
+  }
+  check_report_format(await report);
+}, "XR report only mode");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html.headers
new file mode 100644
index 0000000000..141deb4dfc
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/xr-report-only.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy-Report-Only: xr-spatial-tracking=()
diff --git a/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html b/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html
new file mode 100644
index 0000000000..d87d4fb028
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+  </head>
+  <body>
+    <script>
+var check_report_format = (reports, observer) => {
+  let report = reports[0];
+  assert_equals(report.type, "permissions-policy-violation");
+  assert_equals(report.url, document.location.href);
+  assert_equals(report.body.featureId, "xr-spatial-tracking");
+  assert_equals(report.body.sourceFile, document.location.href);
+  assert_equals(typeof report.body.lineNumber, "number");
+  assert_equals(typeof report.body.columnNumber, "number");
+  assert_equals(report.body.disposition, "enforce");
+};
+
+promise_test(async (t) => {
+  const report = new Promise(resolve => {
+    new ReportingObserver((reports, observer) => resolve([reports, observer]),
+                          {types: ['permissions-policy-violation']}).observe();
+  });
+  await promise_rejects_dom(t, 'SecurityError',
+                        navigator.xr.isSessionSupported('immersive-vr'),
+                        "XR spatial tracking should not be allowed in this document.");
+  const [reports, observer] = await report;
+  check_report_format(reports, observer);
+}, "XR Report Format");
+    </script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html.headers b/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html.headers
new file mode 100644
index 0000000000..56b8c11a5b
--- /dev/null
+++ b/testing/web-platform/tests/permissions-policy/reporting/xr-reporting.https.html.headers
@@ -0,0 +1 @@
+Permissions-Policy: xr-spatial-tracking=()
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 09:22:09 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 09:22:09 +0000
commit	43a97878ce14b72f0981164f87f2e35e14151312 (patch)
tree	620249daf56c0258faa40cbdcf9cfba06de2a846 /testing/web-platform/tests/permissions-policy/reporting
parent	Initial commit. (diff)
download	firefox-43a97878ce14b72f0981164f87f2e35e14151312.tar.xz firefox-43a97878ce14b72f0981164f87f2e35e14151312.zip