tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

intercepted-referrer.https.html (2157B)

      1 <!doctype html>
      2 <meta charset="utf-8">
      3 <title>Service Worker intercepted navigation preserves document.referrer</title>
      4 <script src="/resources/testharness.js"></script>
      5 <script src="/resources/testharnessreport.js"></script>
      6 <script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
      7 
      8 <body>
      9 <h1>Service Worker intercepted navigation preserves document.referrer</h1>
     10 <script>
     11 promise_test(async t => {
     12  // Scope where the SW will control navigations.
     13  // This lives under the same directory as the SW script below.
     14  const scope = 'resources/referrer-scope/';
     15 
     16  // Ensure a clean registration, then register the SW.
     17  const reg = await service_worker_unregister_and_register(
     18      t, 'resources/intercepted-referrer-sw.js', scope);
     19 
     20  // Wait for activation (handles fresh or already-active cases).
     21  const worker = reg.installing || reg.waiting || reg.active;
     22  await wait_for_state(t, worker, 'activated');
     23 
     24  // We’ll get one message back from the intercepted document.
     25  const messagePromise = new Promise(resolve => {
     26    window.addEventListener('message', e => resolve(e.data), { once: true });
     27  });
     28 
     29  // Create a navigation under the SW’s scope. The SW will synthesize the page.
     30  const iframe = document.createElement('iframe');
     31  t.add_cleanup(() => iframe.remove());
     32  iframe.src = scope + 'navigated.html';
     33  document.body.append(iframe);
     34 
     35  const data = await messagePromise;
     36 
     37  // Basic sanity from the child payload.
     38  assert_equals(data && data.source, 'sw-intercepted', 'Child payload is from SW response');
     39 
     40  // document.referrer should be the full URL of this test page (same-origin default policy).
     41  // WPT servers send same-origin requests with full referrer (default "strict-origin-when-cross-origin").
     42  const expectedReferrer = location.href;
     43 
     44  assert_equals(data.referrer, expectedReferrer,
     45    'document.referrer inside the SW-synthesized document equals the parent test page URL');
     46 
     47  // Clean up: unregister the SW.
     48  t.add_cleanup(() => reg.unregister());
     49 }, 'document.referrer for a navigation intercepted by a Service Worker is unchanged and matches the parent URL');
     50 </script>
     51 </body>