Commit 655d04d4 authored by Antonio Sartori's avatar Antonio Sartori Committed by Commit Bot

Fix referrer policy inheritance WPT for javascript: URLs

According to the specification, executing a javascript: URL in a
document does not commit a new document. Indeed, following
https://html.spec.whatwg.org/multipage/browsing-the-web.html#javascript-protocol
executing a javascript: URL request gives a response whose status is
204, and processing a response with status 204 does not commit a new
document:
https://html.spec.whatwg.org/multipage/browsing-the-web.html#process-a-navigate-response
In particular, executing a javascript: URL does not change the
document's URL. So if we create a new (empty) iframe and execute right
away some javascript: URL in it, the URL of the iframe document will
be "about:blank".

On the other side, a document with URL "about:blank" will usually not
send any Referer header, since the algorithm for determining the
outgoing referrer goes through the stripping section
https://w3c.github.io/webappsec-referrer-policy/#strip-url which
returns `no-referrer` for a local scheme.

As a consequence, we should always expect the Referer header of an
outgoing fetch request from an `<iframe src="javascript:...">` without
custom referrer to be empty.

This CL adjusts the referrer policy inheritance WP test to that.

Still, we want to test that the referrer policy is inherited correctly
for javascript: URLs. For doing that, we add a custom referrer to the
outgoing fetch request, and we check that the content of the received
Referer header corresponds to the custom referrer modulo the inherited
referrer policy.

Change-Id: Ib3fe0808d3f8a1790e3f565cf2b1648fd2ea6c13
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2464930
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Reviewed-by: default avatarDominic Farolino <dom@chromium.org>
Cr-Commit-Position: refs/heads/master@{#821284}
parent f84c000f
This is a testharness.js-based test.
FAIL Referrer Policy: iframes with javascript url reuse referrer policy assert_equals: expected (string) "http://web-platform.test:8001/" but got (undefined) undefined
PASS Referrer Policy: iframes with javascript url reuse referrer policy 1
FAIL Referrer Policy: iframes with javascript url reuse referrer policy assert_equals: expected "http://web-platform.test:8001/" but got "http://web-platform.test:8001/custom"
FAIL Referrer Policy: iframes with javascript url reuse referrer policy 1 assert_equals: expected (undefined) undefined but got (string) "http://web-platform.test:8001/custom"
PASS Referrer Policy: iframes with javascript url reuse referrer policy 2
FAIL Referrer Policy: iframes with javascript url reuse referrer policy 3 assert_equals: expected (undefined) undefined but got (string) "http://web-platform.test:8001/"
Harness: the test ran to completion.
......
......@@ -30,7 +30,11 @@
iframe.onload = t.step_func(() => {
iframe.onload = null;
const iframeChild = iframe.contentDocument.createElement("iframe");
iframeChild.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`;
// We add a custom referrer to the fetch request. Otherwise,
// since the frame's URL is "about:blank", the Referer header will
// always be empty:
// https://w3c.github.io/webappsec-referrer-policy/#strip-url.
iframeChild.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN, location.origin+"/custom")}'`;
iframe.contentDocument.body.appendChild(iframeChild);
});
document.body.appendChild(iframe);
......
This is a testharness.js-based test.
FAIL Referrer Policy: iframes with javascript url reuse referrer policy assert_equals: expected (string) "http://web-platform.test:8001/" but got (undefined) undefined
PASS Referrer Policy: iframes with javascript url reuse referrer policy
FAIL Referrer Policy: iframes with javascript url reuse referrer policy 1 assert_equals: expected "http://web-platform.test:8001/" but got "http://web-platform.test:8001/custom"
Harness: the test ran to completion.
......@@ -7,13 +7,39 @@
<meta name="referrer" content="origin">
<div id="log"></div>
<script>
async_test(t => {
window.addEventListener("message", t.step_func_done(msg => {
assert_equals(msg.data.referrer, self.origin + "/");
}));
const iframe = document.createElement("iframe");
iframe.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN)}'`;
document.body.appendChild(iframe);
[
{
fetchReferrer: "",
// Because the URL of the Document of <iframe src="javascript:..."> is
// "about:blank", the stripped URL is no referrer:
// https://w3c.github.io/webappsec-referrer-policy/#strip-url.
expected: undefined
},
{
fetchReferrer: location.origin+"/custom",
// <iframe src="javascript:..."> inherits its parent's referrer policy.
// Note: Setting an explicit URL as referrer succeeds
// because the same-origin check at
// https://fetch.spec.whatwg.org/#dom-request
// is done against <iframe>'s origin, which inherits the parent
// Document's origin == location.orgin. Furthermore, since the iframe
// inherits its parent's referrer policy, the URL should be restricted to
// its origin.
expected: self.origin + "/"
}
].forEach(({ fetchReferrer, expected }) => {
promise_test(t => {
return new Promise(resolve => {
window.addEventListener("message", t.step_func(msg => {
assert_equals(msg.data.referrer, expected);
resolve();
}), { once: true });
const iframe = document.createElement("iframe");
iframe.src = `javascript:'${createScriptString(get_host_info().REMOTE_ORIGIN, fetchReferrer)}'`;
document.body.appendChild(iframe);
});
});
});
</script>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment