tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

referrer-policies.sub.html (4076B)

      1 <!DOCTYPE html>
      2 <html>
      3 <head>
      4 <title>Referrers with CSS module requests</title>
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 </head>
      8 <body>
      9 <script type="module">
     10  // "name" parameter is necessary for bypassing the module map.
     11  import referrerSame from "./resources/referrer-checker.py?name=sameNoReferrerPolicy" with { type: "css"};
     12  import referrerRemote from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/css-module/resources/referrer-checker.py?name=remoteNoReferrerPolicy" with { type: "css"};
     13 
     14  const origin = (new URL(location.href)).origin + "/";
     15  const originUrl = location.href;
     16 
     17  test(t => {
     18    assert_equals(
     19        referrerSame.rules[0].style.content, '"' + originUrl + '"',
     20        "Referrer URL should be sent for the same-origin top-level script.");
     21  }, "Importing a same-origin top-level script with the default referrer policy.");
     22 
     23  test(t => {
     24    assert_equals(
     25        referrerRemote.rules[0].style.content, '"' + origin + '"',
     26        "Referrer origin should be sent for the remote-origin top-level script.");
     27  }, "Importing a remote-origin top-level script with the default referrer policy.");
     28 </script>
     29 <script type="module" referrerpolicy="origin">
     30  import referrerSame from "./resources/referrer-checker.py?name=sameReferrerPolicyOrigin" with { type: "css"};
     31  import referrerRemote from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/css-module/resources/referrer-checker.py?name=remoteReferrerPolicyOrigin" with { type: "css"};
     32 
     33  const origin = (new URL(location.href)).origin + "/";
     34 
     35  test(t => {
     36    assert_equals(
     37        referrerSame.rules[0].style.content, '"' + origin + '"',
     38        "Referrer origin should be sent for the same-origin top-level script.");
     39  }, "Importing a same-origin top-level script with the origin policy.");
     40 
     41  test(t => {
     42    assert_equals(
     43        referrerRemote.rules[0].style.content, '"' + origin + '"',
     44        "Referrer origin should be sent for the remote-origin top-level script.");
     45  }, "Importing a remote-origin top-level script with the origin policy.");
     46 
     47 </script>
     48 <script type="module" referrerpolicy="no-referrer">
     49  import referrerSame from "./resources/referrer-checker.py?name=sameReferrerPolicyNoReferrer" with { type: "css"};
     50  import referrerRemote from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/css-module/resources/referrer-checker.py?name=remoteReferrerPolicyNoReferrer" with { type: "css"};
     51 
     52  test(t => {
     53    assert_equals(
     54        referrerSame.rules[0].style.content, '""',
     55        "No referrer should be sent for the same-origin top-level script.");
     56  }, "Importing a same-origin top-level script with the no-referrer policy.");
     57 
     58  test(t => {
     59    assert_equals(
     60        referrerRemote.rules[0].style.content, '""',
     61        "No referrer should be sent for the remote-origin top-level script.");
     62  }, "Importing a remote-origin top-level script with the no-referrer policy.");
     63 
     64 </script>
     65 <script type="module" referrerpolicy="unsafe-url">
     66  import referrerSame from "./resources/referrer-checker.py?name=sameNoReferrerPolicyUnsafeUrl" with { type: "css"};
     67  import referrerRemote from "http://{{domains[www1]}}:{{ports[http][0]}}/html/semantics/scripting-1/the-script-element/css-module/resources/referrer-checker.py?name=remoteNoReferrerPolicyUnsafeUrl" with { type: "css"};
     68 
     69  const originUrl = location.href;
     70 
     71  test(t => {
     72    assert_equals(
     73        referrerSame.rules[0].style.content, '"' + originUrl + '"',
     74        "Referrer URL should be sent for the same-origin top-level script.");
     75  }, "Importing a same-origin top-level script with the unsafe-url referrer policy.");
     76 
     77  test(t => {
     78    assert_equals(
     79        referrerRemote.rules[0].style.content, '"' + originUrl + '"',
     80        "Referrer URL should be sent for the remote-origin top-level script.");
     81  }, "Importing a remote-origin top-level script with the unsafe-url referrer policy.");
     82 </script>
     83 </body>
     84 </html>