element-link-icon.https.sub.html (10983B)
1 <!DOCTYPE html> 2 <!-- 3 This test was procedurally generated. Please do not modify it directly. 4 Sources: 5 - fetch/metadata/tools/fetch-metadata.conf.yml 6 - fetch/metadata/tools/templates/element-link-icon.sub.html 7 --> 8 <html lang="en"> 9 <meta charset="utf-8"> 10 <meta name="timeout" content="long"> 11 <title>HTTP headers on request for HTML "link" element with rel="icon"</title> 12 <script src="/resources/testharness.js"></script> 13 <script src="/resources/testharnessreport.js"></script> 14 <script src="/fetch/metadata/resources/helper.sub.js"></script> 15 <body> 16 <script> 17 'use strict'; 18 19 const params = { 20 body: ` 21 <svg xmlns="http://www.w3.org/2000/svg" width="123" height="123"> 22 <rect fill="lime" width="123" height="123"/> 23 </svg> 24 `, 25 mime: 'image/svg+xml' 26 }; 27 28 /** 29 * The `link` element supports a `load` event. That event would reliably 30 * indicate that the browser had received the request. Multiple major 31 * browsers do not implement the event, however, so in order to promote the 32 * visibility of this test, a less efficient polling-based detection 33 * mechanism is used. 34 * 35 * https://bugzilla.mozilla.org/show_bug.cgi?id=1638188 36 * https://bugs.chromium.org/p/chromium/issues/detail?id=1083034 37 */ 38 function induceRequest(t, url, attributes) { 39 const link = document.createElement('link'); 40 link.setAttribute('rel', 'icon'); 41 link.setAttribute('href', url); 42 43 for (const [ name, value ] of Object.entries(attributes)) { 44 link.setAttribute(name, value); 45 } 46 47 document.head.appendChild(link); 48 t.add_cleanup(() => link.remove()); 49 } 50 51 promise_test((t) => { 52 const key = '{{uuid()}}'; 53 54 induceRequest( 55 t, 56 makeRequestURL(key, ['httpsOrigin'], params), 57 {} 58 ); 59 60 return retrieve(key, {poll:true}) 61 .then((headers) => { 62 assert_own_property(headers, 'sec-fetch-site'); 63 assert_array_equals(headers['sec-fetch-site'], ['same-origin']); 64 }); 65 }, 'sec-fetch-site - Same origin no attributes'); 66 67 promise_test((t) => { 68 const key = '{{uuid()}}'; 69 70 induceRequest( 71 t, 72 makeRequestURL(key, ['httpsCrossSite'], params), 73 {} 74 ); 75 76 return retrieve(key, {poll:true}) 77 .then((headers) => { 78 assert_own_property(headers, 'sec-fetch-site'); 79 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 80 }); 81 }, 'sec-fetch-site - Cross-site no attributes'); 82 83 promise_test((t) => { 84 const key = '{{uuid()}}'; 85 86 induceRequest( 87 t, 88 makeRequestURL(key, ['httpsSameSite'], params), 89 {} 90 ); 91 92 return retrieve(key, {poll:true}) 93 .then((headers) => { 94 assert_own_property(headers, 'sec-fetch-site'); 95 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 96 }); 97 }, 'sec-fetch-site - Same site no attributes'); 98 99 promise_test((t) => { 100 const key = '{{uuid()}}'; 101 102 induceRequest( 103 t, 104 makeRequestURL(key, ['httpsOrigin', 'httpsCrossSite', 'httpsOrigin'], params), 105 {} 106 ); 107 108 return retrieve(key, {poll:true}) 109 .then((headers) => { 110 assert_own_property(headers, 'sec-fetch-site'); 111 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 112 }); 113 }, 'sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect no attributes'); 114 115 promise_test((t) => { 116 const key = '{{uuid()}}'; 117 118 induceRequest( 119 t, 120 makeRequestURL(key, ['httpsOrigin', 'httpsSameSite', 'httpsOrigin'], params), 121 {} 122 ); 123 124 return retrieve(key, {poll:true}) 125 .then((headers) => { 126 assert_own_property(headers, 'sec-fetch-site'); 127 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 128 }); 129 }, 'sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect no attributes'); 130 131 promise_test((t) => { 132 const key = '{{uuid()}}'; 133 134 induceRequest( 135 t, 136 makeRequestURL(key, ['httpsCrossSite', 'httpsOrigin'], params), 137 {} 138 ); 139 140 return retrieve(key, {poll:true}) 141 .then((headers) => { 142 assert_own_property(headers, 'sec-fetch-site'); 143 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 144 }); 145 }, 'sec-fetch-site - Cross-Site -> Same Origin no attributes'); 146 147 promise_test((t) => { 148 const key = '{{uuid()}}'; 149 150 induceRequest( 151 t, 152 makeRequestURL(key, ['httpsCrossSite', 'httpsSameSite'], params), 153 {} 154 ); 155 156 return retrieve(key, {poll:true}) 157 .then((headers) => { 158 assert_own_property(headers, 'sec-fetch-site'); 159 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 160 }); 161 }, 'sec-fetch-site - Cross-Site -> Same-Site no attributes'); 162 163 promise_test((t) => { 164 const key = '{{uuid()}}'; 165 166 induceRequest( 167 t, 168 makeRequestURL(key, ['httpsCrossSite', 'httpsCrossSite'], params), 169 {} 170 ); 171 172 return retrieve(key, {poll:true}) 173 .then((headers) => { 174 assert_own_property(headers, 'sec-fetch-site'); 175 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 176 }); 177 }, 'sec-fetch-site - Cross-Site -> Cross-Site no attributes'); 178 179 promise_test((t) => { 180 const key = '{{uuid()}}'; 181 182 induceRequest( 183 t, 184 makeRequestURL(key, ['httpsOrigin', 'httpsOrigin'], params), 185 {} 186 ); 187 188 return retrieve(key, {poll:true}) 189 .then((headers) => { 190 assert_own_property(headers, 'sec-fetch-site'); 191 assert_array_equals(headers['sec-fetch-site'], ['same-origin']); 192 }); 193 }, 'sec-fetch-site - Same-Origin -> Same Origin no attributes'); 194 195 promise_test((t) => { 196 const key = '{{uuid()}}'; 197 198 induceRequest( 199 t, 200 makeRequestURL(key, ['httpsOrigin', 'httpsSameSite'], params), 201 {} 202 ); 203 204 return retrieve(key, {poll:true}) 205 .then((headers) => { 206 assert_own_property(headers, 'sec-fetch-site'); 207 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 208 }); 209 }, 'sec-fetch-site - Same-Origin -> Same-Site no attributes'); 210 211 promise_test((t) => { 212 const key = '{{uuid()}}'; 213 214 induceRequest( 215 t, 216 makeRequestURL(key, ['httpsOrigin', 'httpsCrossSite'], params), 217 {} 218 ); 219 220 return retrieve(key, {poll:true}) 221 .then((headers) => { 222 assert_own_property(headers, 'sec-fetch-site'); 223 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 224 }); 225 }, 'sec-fetch-site - Same-Origin -> Cross-Site no attributes'); 226 227 promise_test((t) => { 228 const key = '{{uuid()}}'; 229 230 induceRequest( 231 t, 232 makeRequestURL(key, ['httpsSameSite', 'httpsOrigin'], params), 233 {} 234 ); 235 236 return retrieve(key, {poll:true}) 237 .then((headers) => { 238 assert_own_property(headers, 'sec-fetch-site'); 239 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 240 }); 241 }, 'sec-fetch-site - Same-Site -> Same Origin no attributes'); 242 243 promise_test((t) => { 244 const key = '{{uuid()}}'; 245 246 induceRequest( 247 t, 248 makeRequestURL(key, ['httpsSameSite', 'httpsSameSite'], params), 249 {} 250 ); 251 252 return retrieve(key, {poll:true}) 253 .then((headers) => { 254 assert_own_property(headers, 'sec-fetch-site'); 255 assert_array_equals(headers['sec-fetch-site'], ['same-site']); 256 }); 257 }, 'sec-fetch-site - Same-Site -> Same-Site no attributes'); 258 259 promise_test((t) => { 260 const key = '{{uuid()}}'; 261 262 induceRequest( 263 t, 264 makeRequestURL(key, ['httpsSameSite', 'httpsCrossSite'], params), 265 {} 266 ); 267 268 return retrieve(key, {poll:true}) 269 .then((headers) => { 270 assert_own_property(headers, 'sec-fetch-site'); 271 assert_array_equals(headers['sec-fetch-site'], ['cross-site']); 272 }); 273 }, 'sec-fetch-site - Same-Site -> Cross-Site no attributes'); 274 275 promise_test((t) => { 276 const key = '{{uuid()}}'; 277 278 induceRequest( 279 t, 280 makeRequestURL(key, [], params), 281 {} 282 ); 283 284 return retrieve(key, {poll:true}) 285 .then((headers) => { 286 assert_own_property(headers, 'sec-fetch-mode'); 287 assert_array_equals(headers['sec-fetch-mode'], ['no-cors']); 288 }); 289 }, 'sec-fetch-mode no attributes'); 290 291 promise_test((t) => { 292 const key = '{{uuid()}}'; 293 294 induceRequest( 295 t, 296 makeRequestURL(key, [], params), 297 {"crossorigin": ""} 298 ); 299 300 return retrieve(key, {poll:true}) 301 .then((headers) => { 302 assert_own_property(headers, 'sec-fetch-mode'); 303 assert_array_equals(headers['sec-fetch-mode'], ['cors']); 304 }); 305 }, 'sec-fetch-mode attributes: crossorigin'); 306 307 promise_test((t) => { 308 const key = '{{uuid()}}'; 309 310 induceRequest( 311 t, 312 makeRequestURL(key, [], params), 313 {"crossorigin": "anonymous"} 314 ); 315 316 return retrieve(key, {poll:true}) 317 .then((headers) => { 318 assert_own_property(headers, 'sec-fetch-mode'); 319 assert_array_equals(headers['sec-fetch-mode'], ['cors']); 320 }); 321 }, 'sec-fetch-mode attributes: crossorigin=anonymous'); 322 323 promise_test((t) => { 324 const key = '{{uuid()}}'; 325 326 induceRequest( 327 t, 328 makeRequestURL(key, [], params), 329 {"crossorigin": "use-credentials"} 330 ); 331 332 return retrieve(key, {poll:true}) 333 .then((headers) => { 334 assert_own_property(headers, 'sec-fetch-mode'); 335 assert_array_equals(headers['sec-fetch-mode'], ['cors']); 336 }); 337 }, 'sec-fetch-mode attributes: crossorigin=use-credentials'); 338 339 promise_test((t) => { 340 const key = '{{uuid()}}'; 341 342 induceRequest( 343 t, 344 makeRequestURL(key, [], params), 345 {} 346 ); 347 348 return retrieve(key, {poll:true}) 349 .then((headers) => { 350 assert_own_property(headers, 'sec-fetch-dest'); 351 assert_array_equals(headers['sec-fetch-dest'], ['empty']); 352 }); 353 }, 'sec-fetch-dest no attributes'); 354 355 promise_test((t) => { 356 const key = '{{uuid()}}'; 357 358 induceRequest( 359 t, 360 makeRequestURL(key, [], params), 361 {} 362 ); 363 364 return retrieve(key, {poll:true}) 365 .then((headers) => { 366 assert_not_own_property(headers, 'sec-fetch-user'); 367 }); 368 }, 'sec-fetch-user no attributes'); 369 370 promise_test((t) => { 371 const key = '{{uuid()}}'; 372 373 induceRequest( 374 t, 375 makeRequestURL(key, ['httpsCrossSite'], params), 376 {} 377 ); 378 379 return retrieve(key, {poll:true}) 380 .then((headers) => { 381 assert_own_property(headers, 'sec-fetch-storage-access'); 382 assert_array_equals(headers['sec-fetch-storage-access'], ['none']); 383 }); 384 }, 'sec-fetch-storage-access - Cross-site no attributes'); 385 386 promise_test((t) => { 387 const key = '{{uuid()}}'; 388 389 induceRequest( 390 t, 391 makeRequestURL(key, ['httpsSameSite'], params), 392 {} 393 ); 394 395 return retrieve(key, {poll:true}) 396 .then((headers) => { 397 assert_not_own_property(headers, 'sec-fetch-storage-access'); 398 }); 399 }, 'sec-fetch-storage-access - Same site no attributes'); 400 </script> 401 </body> 402 </html>