Diffstat (limited to 'testing/web-platform/tests/referrer-policy/generic/inheritance')
14 files changed, 733 insertions, 0 deletions
diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-about-blank.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-about-blank.html
new file mode 100644
index 0000000000..fc7d39a4cf
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-about-blank.html
@@ -0,0 +1,107 @@ +<!doctype html> +<meta charset="utf-8"> +<title>Referrer Policy: iframe src="about:blank"</title> +<link rel="author" title="Hiroshige Hayashizaki" href="mailto:hiroshige@chromium.org"> +<link rel="author" title="Dom Farolino" href="mailto:dom@chromium.org"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<meta name="referrer" content="origin"> +<body> +<script> +const testFetchClientReferrer = + async_test("The fetch() API in an about:blank iframe with the 'client' " + + "referrer is fetched with no 'Referer' header"); +const testFetchURLReferrer = + async_test("The fetch() API in an about:blank iframe with a custom URL " + + "referrer is fetched with a 'Referer` header that uses the " + + "outer document's URL along with its referrer policy"); +const testDocumentReferrer = + async_test("The value of document.referrer in an about:blank iframe is the " + + "outer document's full URL, regardless of referrer policy"); +const testSubresource = + async_test("A subresource fetched from an about:blank iframe is fetched " + + "with no 'Referer' header"); + +window.addEventListener("message", msg => { + const test_name = msg.data.test; + const referrer = msg.data.referrer; + if (test_name === "testFetchClientReferrer") { + testFetchClientReferrer.step_func_done(() => { + // Because the URL of the Document of <iframe src="about:blank"> is + // "about:blank", the stripped URL is no referrer: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + assert_equals(referrer, undefined); + })(); + } else if (test_name === "testFetchURLReferrer") { + // <iframe src="about:blank"> inherits its parent's referrer policy. + // Note: Setting an explicit URL as referrer succeeds + // because the same-origin check at + // https://fetch.spec.whatwg.org/#dom-request + // is done against <iframe>'s origin, which inherits the parent + // Document's origin == location.orgin. 
Furthermore, since the iframe + // inherits its parent's referrer policy, the URL should be restricted to + // its origin. + testFetchURLReferrer.step_func_done(() => { + assert_equals(referrer, location.origin + '/'); + })(); + } else if (test_name === "testDocumentReferrer") { + // The referrer of the initial document in an about:blank iframe is set to + // its creating document's URL, unredacted by a referrer policy, as per step + // 13 of: + // https://html.spec.whatwg.org/multipage/browsers.html#creating-a-new-browsing-context. + testDocumentReferrer.step_func_done(() => { + assert_equals(referrer, location.href); + })(); + } else if (test_name === "testSubresource") { + // Because the URL of the Document of <iframe src="about:blank"> is + // "about:blank", the stripped URL is no referrer: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + testSubresource.step_func_done(() => { + assert_equals(referrer, ""); + })(); + } +}); + +const iframe = document.createElement("iframe"); + +iframe.addEventListener("load", function() { + const iframe_script = iframe.contentDocument.createElement('script'); + iframe_script.textContent = ` + // Test fetch() API with default "client" referrer. + fetch("${location.origin}/common/security-features/subresource/xhr.py?name=testFetchClientReferrer") + .then(r => r.json()) + .then(j => { + top.postMessage({test: "testFetchClientReferrer", referrer: j.headers.referer}, "*") + }).catch(e => { + top.postMessage({test: "testFetchClientReferrer", referrer: "FAILURE"}, "*"); + }); + + // Test fetch() API with custom URL referrer. + fetch("${location.origin}/common/security-features/subresource/xhr.py?name=URL", + {referrer: "${location.href}/custom"}) + .then(r => r.json()) + .then(j => { + top.postMessage({test: "testFetchURLReferrer", referrer: j.headers.referer}, "*") + }).catch(e => { + top.postMessage({test: "testFetchURLReferrer", referrer: "FAILURE"}, "*"); + }); + + // Test document.referrer. 
+ top.postMessage({test: "testDocumentReferrer", referrer: document.referrer}, "*"); + + // Test a subresource being fetched by the iframe. + const subresource_script = document.createElement('script'); + subresource_script.src = "${location.origin}/common/security-features/subresource/referrer.py"; + subresource_script.onload = e => { + top.postMessage({test: "testSubresource", referrer: window.referrer}, "*"); + } + subresource_script.onerror = function(e) { + top.postMessage({test: "testSubresource", referrer: "FAILURE"}, "*"); + }; + document.head.appendChild(subresource_script); + `; + iframe.contentDocument.body.appendChild(iframe_script); +}); + +document.body.appendChild(iframe); +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-data.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-data.html new file mode 100644 index 0000000000..1d39781e30 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-data.html 
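Review bot: The `testSubresource` branch of the message handler asserts `""` while `testFetchClientReferrer` asserts `undefined`, although both comments describe the same "stripped URL is no referrer" outcome, and nothing in this file says why the expectations differ. popup-inheritance-about-blank.html in this commit explains it as a testing quirk; a line such as `// "" instead of undefined is only a quirk of how the subresource reports its referrer.` above `assert_equals(referrer, "")` would carry that over. The `testFetchURLReferrer` name also mixes quote characters (a straight quote opens 'Referer and a backtick closes it), and the comment in that branch spells `location.origin` as "location.orgin"; the popup file repeats the same test-name string.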
@@ -0,0 +1,27 @@
+<html>
+ <head>
+ <title>Referrer Policy: iframes with data url uses no referrer</title>
+ <link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested">
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script src="/common/get-host-info.sub.js"></script>
+ <script src="resources/make-html-script.js"></script>
+ <meta name="referrer" content="origin">
+ </head>
+ <body onload="runTest()">
+ <h1>Referrer Policy: iframes with data url uses no referrer</h1>
+ <script>
+ let test = async_test("iframes with data url uses no referrer");
+ window.addEventListener("message", test.step_func_done(msg => {
+ assert_equals(msg.data.referrer, undefined);
+ }));
+
+ function runTest() {
+ let iframe = document.createElement("iframe");
+ iframe.src = `data:text/html,${createScriptString(get_host_info().REMOTE_ORIGIN)}`;
+ document.body.appendChild(iframe);
+ }
+ </script>
+ <div id="log"></div>
+ </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-document-write.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-document-write.html
new file mode 100644
index 0000000000..c88586aaf6
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-document-write.html
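Review bot: The `message` listener in iframe-inheritance-data.html accepts a message from any window and the expected value is `undefined`, so any message whose data is an object without a `referrer` field finishes the test as a pass. Checking the sender before the value, `assert_equals(msg.source, iframe.contentWindow);` with `iframe` declared outside `runTest()`, ties the result to the data: URL frame. The two history tests in this commit (iframe-inheritance-history-about-blank.html and iframe-inheritance-history-about-srcdoc.html) also wait for an `undefined` referrer on an unfiltered listener.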
@@ -0,0 +1,34 @@ +<!doctype html> +<title>Referrer Policy: iframes with document.write()</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="resources/make-html-script.js"></script> +<meta name="referrer" content="origin"> +<div id="log"></div> +<script> + let reportedReferrer = () => { + return new Promise(resolve => { + window.addEventListener("message", msg => resolve(msg.data.referrer)); + }); + }; + + const iframe = document.createElement("iframe"); + promise_test(async t => { + let referrer_of_srcdoc_iframe = reportedReferrer(); + const script_to_fetch_cross_origin_resource = + createScriptString(get_host_info().REMOTE_ORIGIN, location.origin + "/custom"); + iframe.srcdoc = `<head><meta name="referrer" content="unsafe-url"></head>` + + script_to_fetch_cross_origin_resource; + document.body.appendChild(iframe); + assert_equals(await referrer_of_srcdoc_iframe, self.origin + "/custom", + "Srcdoc iframe setting referrer policy via meta header should use that referrer policy."); + + let referrer_after_document_open = reportedReferrer(); + iframe.contentDocument.open(); + iframe.contentDocument.write(script_to_fetch_cross_origin_resource); + iframe.contentDocument.close(); + assert_equals(await referrer_after_document_open, self.origin + "/custom", + "Referrer policy should not change after document.open()."); + }, "document.open() should not change the referrer policy of the opened document."); +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-blank.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-blank.html new file mode 100644 index 0000000000..8d68ffb5ff --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-blank.html 
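Review bot: `reportedReferrer()` registers a `message` listener that is never removed, so after the two calls in this test both listeners stay attached and every later message calls an already-settled `resolve`. iframe-inheritance-history-about-srcdoc.html in this commit removes its listener after the first message; here `window.addEventListener("message", msg => resolve(msg.data.referrer), { once: true });` gives the same behaviour in one line. iframe-inheritance-srcdoc.html carries an identical helper.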
@@ -0,0 +1,80 @@ +<!doctype html> +<title>Referrer Policy: navigating back to an about:blank iframe reuses the original referrer policy</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<meta name="referrer" content="no-referrer"> +<div id="log"></div> +<script> + let checkReferrer = document => { + let script = document.createElement('script'); + script.innerText = ` + fetch("${origin}/common/security-features/subresource/xhr.py", + {referrer: "${location.origin}/custom"}) + .then(r => r.json()) + .then(j => { + top.postMessage({referrer: j.headers.referer}, "*") + }).catch(e => { + top.postMessage({referrer: "FAILURE"}, "*"); + }); + ` + + let referrer = new Promise(resolve => { + window.addEventListener("message", function listener(msg) { + window.removeEventListener("message", listener, false); + resolve(msg.data.referrer); + }); + }); + + document.body.appendChild(script); + + return referrer; + }; + + let iframeLoaded = iframe => { + return new Promise(resolve => { + iframe.onload = resolve; + }); + }; + + promise_test(async t => { + // 1. Create an iframe and navigate it to about:blank. + // (We cannot just create an empty iframe since the initial empty + // document will get its history entry replaced, so we cannot + // navigate back to it.) + const iframe = document.createElement("iframe"); + iframe.name = 'test_frame'; + iframe.src = "/referrer-policy"; + document.body.appendChild(iframe); + await iframeLoaded(iframe); + + window.open('about:blank', 'test_frame'); + await iframeLoaded(iframe); + let referrer_1 = await checkReferrer(iframe.contentDocument); + assert_equals(referrer_1, undefined, + "First navigation uses correct policy."); + + // 2. Change the referrer policy of the iframe. 
+ let meta = iframe.contentDocument.createElement('meta'); + meta.name = 'referrer'; + meta.content = "unsafe-url"; + iframe.contentDocument.head.appendChild(meta); + + let referrer_2 = await checkReferrer(iframe.contentDocument); + assert_equals(referrer_2, location.origin + '/custom', + "Referrer policy correctly changed."); + + // 3. Navigate the iframe elsewhere. + window.open('/referrer-policy', 'test_frame'); + await iframeLoaded(iframe); + + // 4. Navigate the iframe back. + iframe.contentWindow.history.back(); + await iframeLoaded(iframe); + + let referrer_3 = await checkReferrer(iframe.contentDocument); + assert_equals(referrer_3, undefined, + "History navigation reuses original policy."); + document.body.removeChild(iframe); + }, "History navigation reuses original policy."); + +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-srcdoc.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-srcdoc.html new file mode 100644 index 0000000000..91ac5fc139 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-history-about-srcdoc.html 
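Review bot: The frame is removed by `document.body.removeChild(iframe)` as the last statement of the test body, so a failed assertion or a rejected await before that point leaves it in the document. Registering the removal right after the element is created, `t.add_cleanup(() => iframe.remove());` as iframe-inheritance-javascript-child.html does, runs on every outcome. In `checkReferrer` the fetch template mixes `${origin}` and `${location.origin}` for what appears to be the same value, and the parameter named `document` shadows the global; one spelling and a name like `doc` would read more clearly.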
@@ -0,0 +1,73 @@ +<!doctype html> +<title>Referrer Policy: navigating back to an about:srcdoc iframe reuses the original referrer policy</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="resources/make-html-script.js"></script> +<meta name="referrer" content="no-referrer"> +<div id="log"></div> +<script> + let reportedReferrer = () => { + return new Promise(resolve => { + window.addEventListener("message", function listener(msg) { + window.removeEventListener("message", listener, false); + resolve(msg.data.referrer); + }); + }); + }; + + let iframeLoaded = iframe => { + return new Promise(resolve => { + iframe.onload = resolve; + }); + }; + + promise_test(async t => { + // 1. Create an about:srcdoc iframe. + const iframe = document.createElement("iframe"); + iframe.name = 'test_frame'; + let iframe_load_1 = iframeLoaded(iframe); + let referrer_1 = reportedReferrer(); + iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN, + location.origin + "/custom"); + document.body.appendChild(iframe); + await iframe_load_1; + let referrer_1_result = await referrer_1; + + // 2. Change the referrer policy of the main document. + document.getElementsByTagName('meta')[0].content = "unsafe-url"; + + // 3. Navigate the iframe elsewhere. + let iframe_load_2 = iframeLoaded(iframe); + window.open('/referrer-policy', 'test_frame'); + await iframe_load_2; + + // 4. Navigate the iframe back. + let iframe_load_3 = iframeLoaded(iframe); + let referrer_2 = reportedReferrer(); + iframe.contentWindow.history.back(); + await iframe_load_3; + + // Despite the main document has changed its referrer policy in (2), the + // reported referrer for the history navigation to about:srcdoc in (4) must + // match with the one originally reported in (1). 
+ assert_equals(referrer_1_result, undefined, + "First navigation uses correct policy."); + assert_equals(await referrer_2, undefined, + "History navigation reuses original policy."); + }, "History navigation reuses original policy."); + + promise_test(async t => { + // If we initiate a new about:srcdoc navigation, the new referrer policy + // should apply. + const new_iframe = document.createElement("iframe"); + let new_iframe_load = iframeLoaded(new_iframe); + let new_iframe_referrer = reportedReferrer(); + new_iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN, + location.origin + "/custom"); + document.body.appendChild(new_iframe); + await new_iframe_load; + + assert_equals(await new_iframe_referrer, self.origin + '/custom'); + }, "New srcdoc iframe uses new policy."); +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript-child.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript-child.html new file mode 100644 index 0000000000..491f104de4 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript-child.html 
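Review bot: The second `promise_test` ("New srcdoc iframe uses new policy.") expects `self.origin + '/custom'` only because step 2 of the first test has already rewritten the page's meta policy to `unsafe-url`; the second test neither states nor establishes that. A comment such as `// Relies on the previous test having switched this document's policy to unsafe-url.` or repeating the assignment at the top of the second test makes the dependency explicit. Step 2 also selects the element with `document.getElementsByTagName('meta')[0]`, which depends on the referrer meta staying the first `<meta>` in the file.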
@@ -0,0 +1,77 @@ +<!doctype html> +<title>Referrer Policy: iframes with javascript url reuse referrer policy</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="resources/make-html-script.js"></script> +<meta name="referrer" content="unsafe-url"> +<div id="log"></div> +<script> +[ + { + srcDocPolicy: ``, + expected: location.origin + "/custom" + }, + { + srcDocPolicy: `<meta name="referrer" content="no-referrer">`, + expected: undefined + } +].forEach(({ srcDocPolicy, expected }) => { + promise_test(t => { + return new Promise(resolve => { + window.addEventListener("message", t.step_func(msg => { + assert_equals(msg.data.referrer, expected); + resolve(); + }), { once:true }); + + const iframe = document.createElement("iframe"); + t.add_cleanup(() => iframe.remove()); + iframe.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`; + iframe.onload = t.step_func(() => { + iframe.onload = null; + const iframeChild = iframe.contentDocument.createElement("iframe"); + // We add a custom referrer to the fetch request. Otherwise, + // since the frame's URL is "about:blank", the Referer header will + // always be empty: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + iframeChild.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN, location.origin+"/custom")}'`; + iframe.contentDocument.body.appendChild(iframeChild); + }); + document.body.appendChild(iframe); + }); + }); +}); + +[ + { + srcDocPolicy: ``, + expected: location.href // Executing javascript does not change the document url. + // Since the algorithm for computing the referrer in a srcdoc + // iframe defers recursively to the parent, the expected + // referrer should be the full url of the main document. 
+ }, + { + srcDocPolicy: `<meta name="referrer" content="no-referrer">`, + expected: undefined + } +].forEach(({ srcDocPolicy, expected }) => { + promise_test(t => { + return new Promise(resolve => { + window.addEventListener("message", t.step_func(msg => { + assert_equals(msg.data.referrer, expected); + resolve(); + }), { once:true }); + + const iframe = document.createElement("iframe"); + t.add_cleanup(() => iframe.remove()); + iframe.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`; + iframe.onload = t.step_func(() => { + iframe.onload = null; + iframe.contentWindow.location = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`; + }); + document.body.appendChild(iframe); + }); + }); +}); + +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript.html new file mode 100644 index 0000000000..cf1f099c63 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-javascript.html 
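Review bot: Neither `promise_test` call in iframe-inheritance-javascript-child.html passes a description, so the four subtests have no names of their own and presumably fall back to a harness default, which makes a failure hard to attribute to a table row. Passing a name built from the row, for example `}, "javascript: URL in child frame, srcdoc policy: " + srcDocPolicy);`, fixes that. The two `forEach` bodies differ only in how the javascript: URL is applied, which a short comment above each table would make obvious. iframe-inheritance-javascript.html has the same unnamed `promise_test`.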
@@ -0,0 +1,45 @@ +<!doctype html> +<title>Referrer Policy: iframes with javascript url reuse referrer policy</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="resources/make-html-script.js"></script> +<meta name="referrer" content="unsafe-url"> +<div id="log"></div> +<script> + +[ + { + fetchReferrer: "", + // Because the URL of the Document of <iframe src="javascript:..."> is + // "about:blank", the stripped URL is no referrer: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + expected: undefined + }, + { + fetchReferrer: location.origin+"/custom", + // <iframe src="javascript:..."> inherits its parent's referrer policy. + // Note: Setting an explicit URL as referrer succeeds + // because the same-origin check at + // https://fetch.spec.whatwg.org/#dom-request + // is done against <iframe>'s origin, which inherits the parent + // Document's origin == location.orgin. Furthermore, since the iframe + // inherits its parent's referrer policy, the URL should be restricted to + // its origin. + expected: self.origin + "/custom" + } +].forEach(({ fetchReferrer, expected }) => { + promise_test(t => { + return new Promise(resolve => { + window.addEventListener("message", t.step_func(msg => { + assert_equals(msg.data.referrer, expected); + resolve(); + }), { once: true }); + const iframe = document.createElement("iframe"); + iframe.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN, fetchReferrer)}'`; + document.body.appendChild(iframe); + }); + }); +}); + +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc-child.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc-child.html new file mode 100644 index 0000000000..cd4b4ae724 --- /dev/null 
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc-child.html @@ -0,0 +1,34 @@ +<!DOCTYPE html> +<html> + <head> + <title>Referrer Policy: iframes srdoc child correctly inherit the ancestor's referrer policy</title> + <link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/common/get-host-info.sub.js"></script> + <script src="resources/make-html-script.js"></script> + <meta name="referrer" content="origin"> + </head> + <body onload="runTest()"> + <h1>Referrer Policy: iframes srcdoc child correctly inherit the ancestor's referrer policy</h1> + <script> + var test = async_test("iframes srcdoc child correctly inherit the ancestor's referrer policy"); + window.addEventListener("message", test.step_func_done(msg => { + assert_equals(msg.data.referrer, self.origin + "/"); + })); + + function runTest() { + var iframe = document.createElement("iframe"); + iframe.srcdoc = `<body><h1>Outer iframe</h1></body>`; + iframe.onload = test.step_func(() => { + iframe.onload = null; + var iframeChild = iframe.contentDocument.createElement("iframe"); + iframeChild.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN); + iframe.contentDocument.body.appendChild(iframeChild); + }); + document.body.appendChild(iframe); + } + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc.html new file mode 100644 index 0000000000..6904374b63 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/iframe-inheritance-srcdoc.html 
@@ -0,0 +1,45 @@ +<!DOCTYPE html> +<html> + <head> + <title>Referrer Policy: iframes srdoc correctly inherit the ancestor's referrer policy</title> + <link rel="help" href="https://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-nested"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/common/get-host-info.sub.js"></script> + <script src="resources/make-html-script.js"></script> + <meta name="referrer" content="origin"> + </head> + <body> + <h1>Referrer Policy: iframes srcdoc correctly inherit the ancestor's referrer policy</h1> + <script> + let reportedReferrer = () => { + return new Promise(resolve => { + window.addEventListener("message", msg => resolve(msg.data.referrer)); + }); + }; + + const iframe = document.createElement("iframe"); + + promise_test(async t => { + let referrer = reportedReferrer(); + iframe.srcdoc = createScriptString(get_host_info().REMOTE_ORIGIN, + location.origin + "/custom"); + document.body.appendChild(iframe); + assert_equals(await referrer, self.origin + "/", + "Referrer policy should be inherited from parent."); + + let meta = document.createElement('meta'); + meta.name = "referrer"; + meta.content = "unsafe-url"; + document.head.appendChild(meta); + iframe.contentWindow.postMessage('checkReferrer'); + assert_equals( + await reportedReferrer(), self.origin + "/", + "Changing parent's referrer policy has no effect on the child."); + + }, "Srcdoc iframe inherits referrer policy from parent on creation."); + + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-about-blank.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-about-blank.html new file mode 100644 index 0000000000..c8e9a9c012 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-about-blank.html 
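Review bot: In the second half of the test the reply listener is only created by `await reportedReferrer()` after `iframe.contentWindow.postMessage('checkReferrer')` has been sent, whereas the first half creates the promise before triggering the frame. The reply needs a fetch round trip, so it presumably cannot arrive first, but `let second_referrer = reportedReferrer();` placed before the `postMessage` call removes the ordering assumption. The `<title>` spells srcdoc as "srdoc"; iframe-inheritance-srcdoc-child.html has the same spelling.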
@@ -0,0 +1,105 @@ +<!doctype html> +<meta charset="utf-8"> +<title>Referrer Policy: popup src="about:blank"</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<meta name="referrer" content="origin"> +<body> +<script> +const testFetchClientReferrer = + async_test("The fetch() API in an about:blank popup with the 'client' " + + "referrer is fetched with no 'Referer' header"); +const testFetchURLReferrer = + async_test("The fetch() API in an about:blank popup with a custom URL " + + "referrer is fetched with a 'Referer` header that uses the " + + "outer document's URL along with its referrer policy"); +const testDocumentReferrer = + async_test("The value of document.referrer in an about:blank popup is the " + + "outer document's full URL, regardless of referrer policy"); +const testSubresource = + async_test("A subresource fetched from an about:blank popup is fetched " + + "with no 'Referer' header"); + +window.addEventListener("message", msg => { + const test_name = msg.data.test; + const referrer = msg.data.referrer; + if (test_name === "testFetchClientReferrer") { + // Because the URL of the document of the popup opened through + // `window.open()` is "about:blank", the stripped URL is no referrer: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + testFetchClientReferrer.step_func_done(() => { + assert_equals(referrer, undefined); + })(); + } else if (test_name === "testFetchURLReferrer") { + // The "about:blank" popup inherits its opener's referrer policy. + // Note: Setting an explicit URL as referrer is allowed per spec because the + // same-origin check at https://fetch.spec.whatwg.org/#dom-request is done + // against the popup's origin, which inherits the opener document's origin. 
+ testFetchURLReferrer.step_func_done(() => { + assert_equals(referrer, location.origin + '/'); + })(); + } else if (test_name === "testDocumentReferrer") { + // The referrer of the initial document in an about:blank popup is set to + // its creating document's URL, unredacted by a referrer policy, as per step + // 17 of: + // https://html.spec.whatwg.org/multipage/browsers.html#creating-a-new-browsing-context. + testDocumentReferrer.step_func_done(() => { + assert_equals(referrer, location.href); + })(); + } else if (test_name === "testSubresource") { + // Because the URL of the document of the popup is "about:blank", the + // stripped URL is no referrer: + // https://w3c.github.io/webappsec-referrer-policy/#strip-url. + // + // Note: this test is essentially the same as "testFetchClientReferrer" (the + // only difference is that the fetch is not initiated by javascript). + // Compared to the other test, we expect the empty string here instead of + // `undefined` just because of a testing quirk. + testSubresource.step_func_done(() => { + assert_equals(referrer, ""); + })(); + } +}); + +const popup = window.open(); +const script = popup.document.createElement('script'); + +script.textContent = ` + // Test fetch() API with default "client" referrer. + fetch("${location.origin}/common/security-features/subresource/xhr.py?name=testFetchClientReferrer") + .then(r => r.json()) + .then(j => { + opener.postMessage({test: "testFetchClientReferrer", referrer: j.headers.referer}, "*") + }).catch(e => { + opener.postMessage({test: "testFetchClientReferrer", referrer: "FAILURE"}, "*"); + }); + + // Test fetch() API with custom URL referrer. 
+ fetch("${location.origin}/common/security-features/subresource/xhr.py?name=URL", + {referrer: "${location.href}/custom"}) + .then(r => r.json()) + .then(j => { + opener.postMessage({test: "testFetchURLReferrer", referrer: j.headers.referer}, "*") + }).catch(e => { + opener.postMessage({test: "testFetchURLReferrer", referrer: "FAILURE"}, "*"); + }); + + // Test document.referrer. + opener.postMessage({test: "testDocumentReferrer", referrer: document.referrer}, "*"); + + // Test a subresource being fetched by the popup. + // This is practicallty the same as the first test: the only difference is + // that here the fetch is not triggered by a javascript fetch function but by + // a script element with a src tag embedded in the html source. + const subresource_script = document.createElement('script'); + subresource_script.src = "${location.origin}/common/security-features/subresource/referrer.py"; + subresource_script.onload = e => { + opener.postMessage({test: "testSubresource", referrer: window.referrer}, "*"); + } + subresource_script.onerror = function(e) { + opener.postMessage({test: "testSubresource", referrer: "FAILURE"}, "*"); + }; + document.head.appendChild(subresource_script); +`; +popup.document.body.appendChild(script); +</script> diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-form-submission.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-form-submission.html new file mode 100644 index 0000000000..2c03792a07 --- /dev/null +++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/popup-inheritance-form-submission.html 
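Review bot: The window returned by `window.open()` is never closed, so the popup outlives the test run, and a `null` return (for instance when popups are blocked) would throw at `popup.document` outside any test step. Closing it once all four tests are done, `add_completion_callback(() => popup.close());`, and asserting that `popup` is non-null before it is used would cover both cases. The comment inside the injected script has a typo, "practicallty".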
@@ -0,0 +1,30 @@
+<!doctype html>
+<meta charset="utf-8">
+<title>Referrer Policy: popup src="about:blank"</title>
+<link rel="help" href="https://bugs.chromium.org/p/chromium/issues/detail?id=1370425">
+<link rel="help" href="https://html.spec.whatwg.org/#creating-a-new-browsing-context">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body>
+
+<iframe src="resources/submit-form-and-remove-frame.html"></iframe>
+<script>
+async_test(t => {
+ // Called by the child frame once it has submitted its form that creates a new
+ // `about:blank` window in our browsing context group (therefore, the window
+ // is reachable by us).
+ window.removeIframe = t.step_func(() => {
+ const iframe = document.querySelector('iframe');
+ const expected_referrer = iframe.contentWindow.location.href;
+ iframe.remove();
+
+ // The child frame is removed, but its form submission navigation is still
+ // queued on the opened window's global. Wait until it is run and then
+ // evaluate script.
+ t.step_timeout(t.step_func_done(() => {
+ const window_opened_from_form = window.open("", "does-not-exist");
+ assert_equals(document.referrer, expected_referrer);
+ }));
+ });
+}, "A new frame's document.referrer is correct even if its initiator frame is gone");
+</script>
diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/make-html-script.js b/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/make-html-script.js
new file mode 100644
index 0000000000..6c2c145c4e
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/make-html-script.js
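Review bot: The final assertion reads `document.referrer` of the test page itself, and `window_opened_from_form` is assigned but never used, so as written the check never looks at the window the form submission created. Going by the test name ("A new frame's document.referrer ..."), the intended line is presumably `assert_equals(window_opened_from_form.document.referrer, expected_referrer);`. The opened window is also never closed; a `t.add_cleanup` that closes it would keep it from outliving the test. The `<title>` is the same as in popup-inheritance-about-blank.html and does not describe this test.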
@@ -0,0 +1,19 @@
+function createScriptString(origin, referrer) {
+ let request_init = referrer ? `{referrer: "${referrer}"}` : "";
+ return `<script>
+ function checkReferrer() {
+ fetch("${origin}/common/security-features/subresource/xhr.py",
+ ${request_init})
+ .then(r => r.json())
+ .then(j => {
+ top.postMessage({referrer: j.headers.referer}, "*")
+ }).catch(e => {
+ top.postMessage({referrer: "FAILURE"}, "*");
+ });
+ }
+ checkReferrer();
+ window.addEventListener("message", msg => {
+ if (msg.data === "checkReferrer") checkReferrer();
+ });
+ <\/script>`;
+}
diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/submit-form-and-remove-frame.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/submit-form-and-remove-frame.html
new file mode 100644
index 0000000000..bf5ede96d9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/resources/submit-form-and-remove-frame.html
@@ -0,0 +1,10 @@
+<!doctype html>
+<meta name='referrer' content='no-referrer'>
+<body onload='start()'>
+<script>
+ function start() {
+ myform.submit();
+ parent.removeIframe();
+ }
+</script>
+<form id='myform' action='about:blank' target='does-not-exist'>
diff --git a/testing/web-platform/tests/referrer-policy/generic/inheritance/workers.html b/testing/web-platform/tests/referrer-policy/generic/inheritance/workers.html
new file mode 100644
index 0000000000..0bd75a1d15
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/generic/inheritance/workers.html
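Review bot: `createScriptString()` in make-html-script.js has no comment describing its contract, and two of its constraints are visible only from the callers. `origin` and `referrer` are interpolated unescaped into double-quoted strings of the generated script, and iframe-inheritance-javascript.html and iframe-inheritance-javascript-child.html wrap the returned markup in `javascript:'...'`, so the output must never contain a single quote. A header comment should say that the helper returns a `<script>` element which fetches xhr.py from `origin`, posts the echoed `Referer` header to `top`, repeats the fetch on a "checkReferrer" message, and must stay free of single quotes. When `referrer` is omitted the generated call ends with a trailing comma before the closing parenthesis, which is worth a short note as well.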
@@ -0,0 +1,47 @@ +<html> + <head> + <title>Referrer Policy: local scheme workers inherit from creator</title> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/common/get-host-info.sub.js"></script> + <meta name="referrer" content="no-referrer"> + </head> + <script> + let cross_origin = get_host_info().REMOTE_ORIGIN; + + let generateFetchString = postmessage => ` + fetch("${cross_origin}/common/security-features/subresource/xhr.py", + {referrer: "${location.href}/custom"}) + .then(r => r.json()) + .then(j => ${postmessage}({referrer: j.headers.referer})) + .catch(e => ${postmessage}({referrer: "FAILURE"}));` + + async_test(t => { + let blob = new Blob([generateFetchString("postMessage")], + {type : 'application/javascript'}); + let blob_url = URL.createObjectURL(blob); + let worker = new Worker(blob_url); + worker.onmessage = t.step_func_done(msg => { + assert_equals(msg.data.referrer, undefined); + }); + }, "Dedicated worker with local scheme inherits referrer policy " + + "from the creating document."); + + async_test(t => { + let script = ` + onconnect = e => { + let port = e.ports[0]; + port.start(); + ${generateFetchString("port.postMessage")} + };` + let blob = new Blob([script], {type : 'application/javascript'}); + let blob_url = URL.createObjectURL(blob); + let shared_worker = new SharedWorker(blob_url); + shared_worker.port.start(); + shared_worker.port.onmessage = t.step_func_done(msg => { + assert_equals(msg.data.referrer, undefined); + }); + }, "Shared worker with local scheme inherits referrer policy " + + "from the creating document."); + </script> +</html> |
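Review bot: Neither test in workers.html releases what it creates: the blob URLs are never revoked and the dedicated worker is never terminated. In the first test `t.add_cleanup(() => { worker.terminate(); URL.revokeObjectURL(blob_url); });` after `new Worker(blob_url)` handles both, and the shared-worker test can revoke its URL the same way. The file also has no `<!doctype html>` and places its `<script>` between `</head>` and `</html>` with no `<body>`, unlike most of the other tests added here.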