element-embed.https.sub.html (8328B)
1 <!DOCTYPE html> 2 <!-- 3 This test was procedurally generated. Please do not modify it directly. 4 Sources: 5 - fetch/metadata/tools/fetch-metadata.conf.yml 6 - fetch/metadata/tools/templates/element-embed.sub.html 7 --> 8 <html lang="en"> 9 <meta charset="utf-8"> 10 <title>HTTP headers on request for HTML "embed" element source</title> 11 <script src="/resources/testharness.js"></script> 12 <script src="/resources/testharnessreport.js"></script> 13 <script src="/fetch/metadata/resources/helper.sub.js"></script> 14 <body> 15 <script> 16 'use strict'; 17 18 const params = { 19 body: ` 20 <svg xmlns="http://www.w3.org/2000/svg" width="123" height="123"> 21 <rect fill="lime" width="123" height="123"/> 22 </svg> 23 `, 24 mime: 'image/svg+xml' 25 }; 26 27 function induceRequest(t, url) { 28 const embed = document.createElement('embed'); 29 embed.setAttribute('src', url); 30 document.body.appendChild(embed); 31 32 t.add_cleanup(() => embed.remove()); 33 34 return new Promise((resolve) => embed.addEventListener('load', resolve)); 35 } 36 37 promise_test((t) => { 38 const key = '{{uuid()}}'; 39 40 return induceRequest(t, makeRequestURL(key, ['httpsOrigin'], params)) 41 .then(() => retrieve(key)) 42 .then((headers) => { 43 assert_own_property(headers, 'sec-fetch-site'); 44 assert_array_equals(headers['sec-fetch-site'], ['same-origin']); 45 }); 46 }, 'sec-fetch-site - Same origin'); 47 48 promise_test((t) => { 49 const key = '{{uuid()}}'; 50 51 return induceRequest(t, makeRequestURL(key, ['httpsCrossSite'], params)) 52 .then(() => retrieve(key)) 53 .then((headers) => { 54 assert_own_property(headers, 'sec-fetch-site'); 55 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 56 }); 57 }, 'sec-fetch-site - Cross-site'); 58 59 promise_test((t) => { 60 const key = '{{uuid()}}'; 61 62 return induceRequest(t, makeRequestURL(key, ['httpsSameSite'], params)) 63 .then(() => retrieve(key)) 64 .then((headers) => { 65 assert_own_property(headers, 'sec-fetch-site'); 66 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 67 }); 68 }, 'sec-fetch-site - Same site'); 69 70 promise_test((t) => { 71 const key = '{{uuid()}}'; 72 73 return induceRequest(t, makeRequestURL(key, ['httpsOrigin', 'httpsCrossSite', 'httpsOrigin'], params)) 74 .then(() => retrieve(key)) 75 .then((headers) => { 76 assert_own_property(headers, 'sec-fetch-site'); 77 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 78 }); 79 }, 'sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect'); 80 81 promise_test((t) => { 82 const key = '{{uuid()}}'; 83 84 return induceRequest(t, makeRequestURL(key, ['httpsOrigin', 'httpsSameSite', 'httpsOrigin'], params)) 85 .then(() => retrieve(key)) 86 .then((headers) => { 87 assert_own_property(headers, 'sec-fetch-site'); 88 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 89 }); 90 }, 'sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect'); 91 92 promise_test((t) => { 93 const key = '{{uuid()}}'; 94 95 return induceRequest(t, makeRequestURL(key, ['httpsCrossSite', 'httpsOrigin'], params)) 96 .then(() => retrieve(key)) 97 .then((headers) => { 98 assert_own_property(headers, 'sec-fetch-site'); 99 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 100 }); 101 }, 'sec-fetch-site - Cross-Site -> Same Origin'); 102 103 promise_test((t) => { 104 const key = '{{uuid()}}'; 105 106 return induceRequest(t, makeRequestURL(key, ['httpsCrossSite', 'httpsSameSite'], params)) 107 .then(() => retrieve(key)) 108 .then((headers) => { 109 assert_own_property(headers, 'sec-fetch-site'); 110 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 111 }); 112 }, 'sec-fetch-site - Cross-Site -> Same-Site'); 113 114 promise_test((t) => { 115 const key = '{{uuid()}}'; 116 117 return induceRequest(t, makeRequestURL(key, ['httpsCrossSite', 'httpsCrossSite'], params)) 118 .then(() => retrieve(key)) 119 .then((headers) => { 120 assert_own_property(headers, 'sec-fetch-site'); 121 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 122 }); 123 }, 'sec-fetch-site - Cross-Site -> Cross-Site'); 124 125 promise_test((t) => { 126 const key = '{{uuid()}}'; 127 128 return induceRequest(t, makeRequestURL(key, ['httpsOrigin', 'httpsOrigin'], params)) 129 .then(() => retrieve(key)) 130 .then((headers) => { 131 assert_own_property(headers, 'sec-fetch-site'); 132 assert_array_equals(headers['sec-fetch-site'], ['same-origin']); 133 }); 134 }, 'sec-fetch-site - Same-Origin -> Same Origin'); 135 136 promise_test((t) => { 137 const key = '{{uuid()}}'; 138 139 return induceRequest(t, makeRequestURL(key, ['httpsOrigin', 'httpsSameSite'], params)) 140 .then(() => retrieve(key)) 141 .then((headers) => { 142 assert_own_property(headers, 'sec-fetch-site'); 143 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 144 }); 145 }, 'sec-fetch-site - Same-Origin -> Same-Site'); 146 147 promise_test((t) => { 148 const key = '{{uuid()}}'; 149 150 return induceRequest(t, makeRequestURL(key, ['httpsOrigin', 'httpsCrossSite'], params)) 151 .then(() => retrieve(key)) 152 .then((headers) => { 153 assert_own_property(headers, 'sec-fetch-site'); 154 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 155 }); 156 }, 'sec-fetch-site - Same-Origin -> Cross-Site'); 157 158 promise_test((t) => { 159 const key = '{{uuid()}}'; 160 161 return induceRequest(t, makeRequestURL(key, ['httpsSameSite', 'httpsOrigin'], params)) 162 .then(() => retrieve(key)) 163 .then((headers) => { 164 assert_own_property(headers, 'sec-fetch-site'); 165 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 166 }); 167 }, 'sec-fetch-site - Same-Site -> Same Origin'); 168 169 promise_test((t) => { 170 const key = '{{uuid()}}'; 171 172 return induceRequest(t, makeRequestURL(key, ['httpsSameSite', 'httpsSameSite'], params)) 173 .then(() => retrieve(key)) 174 .then((headers) => { 175 assert_own_property(headers, 'sec-fetch-site'); 176 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 177 }); 178 }, 'sec-fetch-site - Same-Site -> Same-Site'); 179 180 promise_test((t) => { 181 const key = '{{uuid()}}'; 182 183 return induceRequest(t, makeRequestURL(key, ['httpsSameSite', 'httpsCrossSite'], params)) 184 .then(() => retrieve(key)) 185 .then((headers) => { 186 assert_own_property(headers, 'sec-fetch-site'); 187 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 188 }); 189 }, 'sec-fetch-site - Same-Site -> Cross-Site'); 190 191 promise_test((t) => { 192 const key = '{{uuid()}}'; 193 194 return induceRequest(t, makeRequestURL(key, [], params)) 195 .then(() => retrieve(key)) 196 .then((headers) => { 197 assert_own_property(headers, 'sec-fetch-mode'); 198 assert_array_equals(headers['sec-fetch-mode'], ['no-cors']); 199 }); 200 }, 'sec-fetch-mode'); 201 202 promise_test((t) => { 203 const key = '{{uuid()}}'; 204 205 return induceRequest(t, makeRequestURL(key, [], params)) 206 .then(() => retrieve(key)) 207 .then((headers) => { 208 assert_own_property(headers, 'sec-fetch-dest'); 209 assert_array_equals(headers['sec-fetch-dest'], ['embed']); 210 }); 211 }, 'sec-fetch-dest'); 212 213 promise_test((t) => { 214 const key = '{{uuid()}}'; 215 216 return induceRequest(t, makeRequestURL(key, [], params)) 217 .then(() => retrieve(key)) 218 .then((headers) => { 219 assert_not_own_property(headers, 'sec-fetch-user'); 220 }); 221 }, 'sec-fetch-user'); 222 223 promise_test((t) => { 224 const key = '{{uuid()}}'; 225 226 return induceRequest(t, makeRequestURL(key, ['httpsCrossSite'], params)) 227 .then(() => retrieve(key)) 228 .then((headers) => { 229 assert_own_property(headers, 'sec-fetch-storage-access'); 230 assert_array_equals(headers['sec-fetch-storage-access'], ['none']); 231 }); 232 }, 'sec-fetch-storage-access - Cross-site'); 233 234 promise_test((t) => { 235 const key = '{{uuid()}}'; 236 237 return induceRequest(t, makeRequestURL(key, ['httpsSameSite'], params)) 238 .then(() => retrieve(key)) 239 .then((headers) => { 240 assert_not_own_property(headers, 'sec-fetch-storage-access'); 241 }); 242 }, 'sec-fetch-storage-access - Same site'); 243 </script> 244 </body> 245 </html>