WPT test: referrer on navigation from opaque origin.

[Bug] showed there was a mismatch in between Chrome and Firefox about
the referrer sent during a navigation, when initiated from a document
with an opaque origin.

Chrome:
  No referrer sent for both subresources and main resources.

Firefox:
  No referrer sent for subresources, but a referrer is sent for main
  resources.

This patch is meant to help making web browser to eventually converge.

We believe the correct behavior is not to send the referrer:
- 3.1.2 of [determine-requests-referrer]
- 6.9 of [http-network-or-cache-fetch]

[Bug]: https://crbug.com/1109065
[determine-requests-referrer]: https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer,
[http-network-or-cache-fetch]: https://fetch.spec.whatwg.org/#http-network-or-cache-fetch).

Fixed: 1109065
Bug: 1109065
Change-Id: I15c80d52d963fc8e8a1318e4bf89fe72234c5fc6
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2584029
Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org>
Reviewed-by: Dominic Farolino <dom@chromium.org>
Cr-Commit-Position: refs/heads/master@{#836052}

third_party/blink/web_tests/external/wpt/referrer-policy/generic/sandboxed-iframe-with-opaque-origin.html

 <!DOCTYPE html>
 <html>
-  <head>
-    <title>Referrer Policy: Sandboxed iframes with opaque origins don't send referrers</title>
-    <link rel="author" title="Jochen Eisinger" href="mailto:jochen@chromium.org">
-    <link rel="help" href="https://www.w3.org/TR/referrer-policy/#determine-requests-referrer">
-    <script src="/resources/testharness.js"></script>
-    <script src="/resources/testharnessreport.js"></script>
-    <!-- Common global functions for referrer-policy tests. -->
-    <script src="/common/security-features/resources/common.sub.js"></script>
-  </head>
-  <body>
-    <h1>Referrer Policy: A document with an opaque origin doesn't send referrers</h1>
-    <script>
-      function testSandboxedIframe(description, sandboxAttributes, expectedReferrer) {
-        async_test(function(test) {
-          window.addEventListener("message", test.step_func((msg) => {
-            if (msg.data.description === description) {
-              assert_equals(msg.data.referrer, expectedReferrer);
-              test.done();
-            }
-          }));
-
-          var iframe = document.createElement("iframe");
-          iframe.sandbox = sandboxAttributes;
-          iframe.srcdoc = `
-              <meta name = "referrer" content = "always">
-              <script src = "/common/security-features/resources/common.sub.js"></` + `script>
-              <script>
-                var urlPath = "/common/security-features/subresource/xhr.py";
-                var url = "${location.protocol}//www1.${location.hostname}:${location.port}" + urlPath;
-                requestViaXhr(url).then((msg) => {
-                    parent.postMessage({referrer: msg.referrer, description: "${description}"}, "*")
-                  })
-                  .catch((e) => {
-                    parent.postMessage({referrer: "FAILURE", description: "${description}"}, "*")
-                  });
-              </` + "script>";
-          document.body.appendChild(iframe);
-        }, description);
-      }
-
-      testSandboxedIframe("Sandboxed iframe with opaque origin doesn't send referrers.", "allow-scripts", undefined);
-      testSandboxedIframe("Sandboxed iframe with tuple origin sends referrers.", "allow-same-origin allow-scripts", document.location.href);
-    </script>
-
-    <div id="log"></div>
-  </body>
+<head>
+  <title>Referrer Policy: Sandboxed iframes with opaque origins don't send referrers</title>
+  <link rel="author" title="Jochen Eisinger" href="mailto:jochen@chromium.org">
+  <link rel="author" title="Arthur Sonzogni" href="mailto:arthursonzogni@chromium.org">
+  <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer">
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <!-- Common global functions for referrer-policy tests. -->
+  <script src="/common/security-features/resources/common.sub.js"></script>
+  <script src="/common/get-host-info.sub.js"></script>
+</head>
+<body>
+<h1>
+  Referrer Policy: A document with an opaque origin doesn't send referrers
+</h1>
+<script>
+
+let futureMessage = function() {
+  return new Promise(resolve => {
+    window.addEventListener("message", event => resolve(event.data));
+  });
+}
+
+function testSandboxedIframeSubresource(description,
+                                        sandboxAttributes,
+                                        expectedReferrer) {
+  promise_test(async test => {
+    let resource_url = get_host_info().HTTP_NOTSAMESITE_ORIGIN +
+      "/common/security-features/subresource/xhr.py";
+    const iframe = document.createElement("iframe");
+    iframe.sandbox = sandboxAttributes;
+    iframe.srcdoc = `
+      <meta name="referrer" content="always">
+      <script src="/common/security-features/resources/common.sub.js">
+      </scr`+`ipt>
+      <script>
+        requestViaFetch("${resource_url}").then((msg) => {
+          parent.postMessage(msg.referrer, '*');
+        }).catch((e) => {
+          parent.postMessage("FAILURE", '*');
+        });
+      </scr`+`ipt>
+    `;
+
+    const future_message = futureMessage();
+    document.body.appendChild(iframe);
+    assert_equals(await future_message, expectedReferrer);
+
+  }, description);
+}
+
+function testSandboxedIframeMainResource(description,
+                                         sandboxAttributes,
+                                         expectedReferrer) {
+  promise_test(async test => {
+    let document_url = get_host_info().HTTP_NOTSAMESITE_ORIGIN +
+      "/referrer-policy/generic/resources/referrer.py";
+    const iframe = document.createElement("iframe");
+    iframe.sandbox = sandboxAttributes;
+    iframe.srcdoc = `
+      <meta name="referrer" content="always">
+      <script>
+        onload = () => {
+          location.href = "${document_url}";
+        }
+      </scr`+`ipt>
+    `;
+
+    const future_message = futureMessage();
+    document.body.appendChild(iframe);
+    assert_equals(await future_message, expectedReferrer);
+
+  }, description);
+}
+
+testSandboxedIframeSubresource(
+  "Sandboxed iframe with opaque origin doesn't send referrers to subresources",
+  "allow-scripts", undefined);
+testSandboxedIframeSubresource(
+  "Sandboxed iframe with tuple origin sends referrers to subresources",
+  "allow-same-origin allow-scripts", document.location.href);
+testSandboxedIframeMainResource(
+  "Sandboxed iframe with opaque origin doesn't send referrers on navigation",
+  "allow-scripts", "");
+testSandboxedIframeMainResource(
+  "Sandboxed iframe with tuple origin sends referrers on navigation",
+  "allow-same-origin allow-scripts", document.location.href);
+
+</script>
+</body>
 </html>