Worker: Add referrer policy tests for shared workers

I manually changed only following files: - external/wpt/referrer-policy/generic/common.js - external/wpt/referrer-policy/generic/referrer-policy-test-case.js - external/wpt/referrer-policy/generic/subresource/shared-worker.py - external/wpt/referrer-policy/generic/template/shared-worker.js.template - external/wpt/referrer-policy/spec.src.json - TestExpectations Others were auto-generated. Bug: 906959 Change-Id: Ib0a84710fe94ba0893d9609bb708a3f5e8fd4091
web-platform-tests · Nov 20, 2018 · 5b45293 · 5b45293
1 parent 1f7b7e4
commit 5b45293
Show file tree

Hide file tree

Showing 58 changed files with 1,541 additions and 4 deletions.
diff --git a/referrer-policy/generic/common.js b/referrer-policy/generic/common.js
@@ -187,6 +187,14 @@ function queryModuleWorkerTopLevel(url, callback) {
   };
 }
 
+function querySharedWorker(url, callback) {
+  var worker = new SharedWorker(url);
+  worker.port.onmessage = function(event) {
+    var server_data = event.data;
+    callback(wrapResult(url, server_data), url);
+  };
+}
+
 function queryFetch(url, callback) {
   fetch(url).then(function(response) {
       response.json().then(function(server_data) {

diff --git a/referrer-policy/generic/referrer-policy-test-case.js b/referrer-policy/generic/referrer-policy-test-case.js
@@ -22,6 +22,7 @@ function ReferrerPolicyTestCase(scenario, testDescription, sanityChecker) {
     "script-tag": queryScript,
     "worker-request": queryWorker,
     "module-worker": queryModuleWorkerTopLevel,
+    "shared-worker": querySharedWorker,
     "xhr-request": queryXhr
   };
 

diff --git a/referrer-policy/generic/subresource/shared-worker.py b/referrer-policy/generic/subresource/shared-worker.py
@@ -0,0 +1,12 @@
+import os, sys, json
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+import subresource
+
+def generate_payload(server_data):
+    return subresource.get_template("shared-worker.js.template") % server_data
+
+def main(request, response):
+    subresource.respond(request,
+                        response,
+                        payload_generator = generate_payload,
+                        content_type = "application/javascript")
diff --git a/referrer-policy/generic/template/shared-worker.js.template b/referrer-policy/generic/template/shared-worker.js.template
@@ -0,0 +1,5 @@
+onconnect = function(e) {
+  e.ports[0].postMessage({
+    "headers": %(headers)s
+  });
+};
diff --git a/...p-rp/same-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html b/...p-rp/same-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...e-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html.headers b/...e-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer-when-downgrade
+Access-Control-Allow-Origin: *
diff --git a/...grade/http-rp/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html b/...grade/http-rp/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...tp-rp/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html.headers b/...tp-rp/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer-when-downgrade
+Access-Control-Allow-Origin: *
diff --git a/...rrer/same-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html b/...rrer/same-origin/http-http/shared-worker/keep-origin-redirect/insecure-protocol.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="no-referrer-when-downgrade">
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...meta-referrer/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html b/...meta-referrer/same-origin/http-http/shared-worker/no-redirect/insecure-protocol.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="no-referrer-when-downgrade">
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer-when-downgrade",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...ferrer/http-rp/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html b/...ferrer/http-rp/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...ttp-rp/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html.headers b/...ttp-rp/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer
+Access-Control-Allow-Origin: *
diff --git a/...icy/no-referrer/http-rp/same-origin/http-http/shared-worker/no-redirect/generic.http.html b/...icy/no-referrer/http-rp/same-origin/http-http/shared-worker/no-redirect/generic.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...eferrer/http-rp/same-origin/http-http/shared-worker/no-redirect/generic.http.html.headers b/...eferrer/http-rp/same-origin/http-http/shared-worker/no-redirect/generic.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: no-referrer
+Access-Control-Allow-Origin: *
diff --git a/.../meta-referrer/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html b/.../meta-referrer/same-origin/http-http/shared-worker/keep-origin-redirect/generic.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <meta name="referrer" content="no-referrer">
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/...-referrer/meta-referrer/same-origin/http-http/shared-worker/no-redirect/generic.http.html b/...-referrer/meta-referrer/same-origin/http-http/shared-worker/no-redirect/generic.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'no-referrer'</title>
+    <meta name="description" content="Check that sub-resource never gets the referrer URL.">
+    <meta name="referrer" content="no-referrer">
+    <link rel="author" title="Kristijan Burnik" href="[email protected]">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via shared-worker using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "no-referrer",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "shared-worker",
+          "subresource_path": "/referrer-policy/generic/subresource/shared-worker.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>