tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

referrer-policy-header.https.html (2960B)

      1 <!DOCTYPE html>
      2 <title>Service Worker: check referer of fetch() with Referrer Policy</title>
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script src="/common/get-host-info.sub.js"></script>
      6 <script src="resources/test-helpers.sub.js"></script>
      7 <script>
      8 
      9 const SCOPE = 'resources/referrer-policy-iframe.html';
     10 const SCRIPT = 'resources/fetch-rewrite-worker-referrer-policy.js';
     11 
     12 promise_test(async t => {
     13    const registration =
     14        await service_worker_unregister_and_register(t, SCRIPT, SCOPE);
     15    await wait_for_state(t, registration.installing, 'activated');
     16    t.add_cleanup(() => registration.unregister(),
     17                 'Remove registration as a cleanup');
     18 
     19    const full_scope_url = new URL(SCOPE, location.href);
     20    const redirect_to = `${full_scope_url.href}?ignore=true`;
     21    const frame = await with_iframe(
     22        `${SCOPE}?pipe=status(302)|header(Location,${redirect_to})|` +
     23        'header(Referrer-Policy,origin)');
     24    assert_equals(frame.contentDocument.referrer,
     25                  full_scope_url.origin + '/');
     26    t.add_cleanup(() => frame.remove());
     27 }, 'Referrer for a main resource redirected with referrer-policy (origin) ' +
     28   'should only have origin.');
     29 
     30 promise_test(async t => {
     31    const registration =
     32        await service_worker_unregister_and_register(t, SCRIPT, SCOPE, `{type: 'module'}`);
     33    await wait_for_state(t, registration.installing, 'activated');
     34    t.add_cleanup(() => registration.unregister(),
     35                 'Remove registration as a cleanup');
     36 
     37    const full_scope_url = new URL(SCOPE, location.href);
     38    const redirect_to = `${full_scope_url.href}?ignore=true`;
     39    const frame = await with_iframe(
     40        `${SCOPE}?pipe=status(302)|header(Location,${redirect_to})|` +
     41        'header(Referrer-Policy,origin)');
     42    assert_equals(frame.contentDocument.referrer,
     43                  full_scope_url.origin + '/');
     44    t.add_cleanup(() => frame.remove());
     45 }, 'Referrer for a main resource redirected with a module script with referrer-policy (origin) ' +
     46   'should only have origin.');
     47 
     48 promise_test(async t => {
     49    const registration =
     50        await service_worker_unregister_and_register(t, SCRIPT, SCOPE);
     51    await wait_for_state(t, registration.installing, 'activated');
     52    t.add_cleanup(() => registration.unregister(),
     53                 'Remove registration as a cleanup');
     54 
     55    const host_info = get_host_info();
     56    const frame = await with_iframe(SCOPE);
     57    const channel = new MessageChannel();
     58    t.add_cleanup(() => frame.remove());
     59    const e = await new Promise(resolve => {
     60        channel.port1.onmessage = resolve;
     61        frame.contentWindow.postMessage(
     62            {}, host_info['HTTPS_ORIGIN'], [channel.port2]);
     63    });
     64    assert_equals(e.data.results, 'finish');
     65 }, 'Referrer for fetch requests initiated from a service worker with ' +
     66   'referrer-policy (origin) should only have origin.');
     67 </script>