iframe-inheritance-document-write.html (1605B)
1 <!doctype html> 2 <title>Referrer Policy: iframes with document.write()</title> 3 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharnessreport.js"></script> 5 <script src="/common/get-host-info.sub.js"></script> 6 <script src="resources/make-html-script.js"></script> 7 <meta name="referrer" content="origin"> 8 <div id="log"></div> 9 <script> 10 let reportedReferrer = () => { 11 return new Promise(resolve => { 12 window.addEventListener("message", msg => resolve(msg.data.referrer)); 13 }); 14 }; 15 16 const iframe = document.createElement("iframe"); 17 promise_test(async t => { 18 let referrer_of_srcdoc_iframe = reportedReferrer(); 19 const script_to_fetch_cross_origin_resource = 20 createScriptString(get_host_info().REMOTE_ORIGIN, location.origin + "/custom"); 21 iframe.srcdoc = `<head><meta name="referrer" content="unsafe-url"></head>` 22 + script_to_fetch_cross_origin_resource; 23 document.body.appendChild(iframe); 24 assert_equals(await referrer_of_srcdoc_iframe, self.origin + "/custom", 25 "Srcdoc iframe setting referrer policy via meta header should use that referrer policy."); 26 27 let referrer_after_document_open = reportedReferrer(); 28 iframe.contentDocument.open(); 29 iframe.contentDocument.write(script_to_fetch_cross_origin_resource); 30 iframe.contentDocument.close(); 31 assert_equals(await referrer_after_document_open, self.origin + "/custom", 32 "Referrer policy should not change after document.open()."); 33 }, "document.open() should not change the referrer policy of the opened document."); 34 </script>