mirror of
https://github.com/servo/servo.git
synced 2025-06-20 15:18:58 +01:00
Clean and fix referrer policy wpt for a-tag
Signed-off-by: Ying-Ruei Liang(KK) <thumbd03803@gmail.com>
This commit is contained in:
Ying-Ruei Liang(KK)
parent
955d3a8b87
commit
0edab51f05
562 changed files with 1436 additions and 1159 deletions
|
|
@ -2,3 +2,4 @@
|
|||
type: testharness
|
||||
[ImageData does not have a usable constructor]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
|||
|
|
@ -8,3 +8,4 @@
|
|||
|
||||
[label-with-meter.form]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
|||
|
|
@ -2,3 +2,4 @@
|
|||
type: testharness
|
||||
[A non-control follows by a control with same ID.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with keep-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with no-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the rel-noreferrer\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[same-origin-insecure.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[same-origin-insecure.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[generic.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is origin when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[same-origin-insecure.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the attr-referrer\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.keep-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with keep-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.no-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with no-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[cross-origin.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is cross-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[same-origin-insecure.swap-origin-redirect.http.html]
|
||||
type: testharness
|
||||
[The referrer URL is omitted when a\n document served over http requires an http\n sub-resource via a-tag using the meta-csp\n delivery method with swap-origin-redirect and when\n the target request is same-origin.]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -192,7 +192,45 @@ function queryAnchor(url, callback, referrer_policy) {
|
|||
|
||||
function doQuery() {
|
||||
var id = token();
|
||||
var url_with_params = url + "&id=" + id + "&tagAttrs=" + JSON.stringify(referrer_policy);
|
||||
|
||||
var document_url = new URL(url);
|
||||
var document_protocol = document_url.protocol;
|
||||
var document_host = document_url.host;
|
||||
|
||||
// TODO This is a workaround to pass tests which their referrer policy
|
||||
// changed when source and destination has different protocol or host.
|
||||
//
|
||||
// Here we store url's protocol and host, then make url's protocol and
|
||||
// host equal to window's. Finally, we pass the protocol and host we
|
||||
// stored as url arguments while loading url. So that url knows what
|
||||
// protocol and host to load the actual document.py and makes tests
|
||||
// meaningful and correct.
|
||||
document_url.protocol = window.location.protocol;
|
||||
document_url.host = window.location.host;
|
||||
|
||||
// Due to limitation of current test implementation, we are unable to
|
||||
// capture referrer policy from meta tags and http header of test
|
||||
// harness directly. To overcome it, we extract these information from
|
||||
// meta tags and pass it to url which we're going to load for future
|
||||
// use.
|
||||
var meta_referrer = undefined;
|
||||
var http_referrer = undefined;
|
||||
for (var meta of document.head.querySelectorAll("meta")) {
|
||||
if (meta.name === "referrer") {
|
||||
meta_referrer = meta.content;
|
||||
} else if (meta.name === "http-referrer-policy") {
|
||||
http_referrer = meta.content;
|
||||
}
|
||||
}
|
||||
|
||||
var url_with_params = document_url.toString() +
|
||||
"&id=" + id +
|
||||
"&tagAttrs=" + JSON.stringify(referrer_policy) +
|
||||
"&metaReferrer=" + meta_referrer +
|
||||
"&httpReferrer=" + http_referrer +
|
||||
"&protocol=" + document_protocol +
|
||||
"&host=" + document_host;
|
||||
|
||||
var iframe = appendIframeToBody(url_with_params);
|
||||
iframe.addEventListener("load", function listener() {
|
||||
if ((iframe.contentDocument !== null) &&
|
||||
|
|
@ -200,14 +238,17 @@ function queryAnchor(url, callback, referrer_policy) {
|
|||
return;
|
||||
}
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', '/_mozilla/mozilla/referrer-policy/generic/subresource/stash.py?path=a-tag-document-url&id=' + id, false);
|
||||
xhr.send();
|
||||
var expected_url = JSON.parse(xhr.responseText);
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', '/_mozilla/mozilla/referrer-policy/generic/subresource/stash.py?id=' + id, false);
|
||||
xhr.onload = function(e) {
|
||||
var server_data = JSON.parse(this.responseText);
|
||||
server_data.referrer = unescape(server_data.referrer);
|
||||
server_data.headers.referer = unescape(server_data.headers.referer);
|
||||
|
||||
callback(server_data, url_with_params);
|
||||
callback(server_data, expected_url);
|
||||
};
|
||||
xhr.send();
|
||||
|
||||
|
|
@ -248,16 +289,9 @@ function queryLink(url, callback, referrer_policy) {
|
|||
var id = token();
|
||||
var link = document.createElement("link");
|
||||
|
||||
if (referrer_policy) {
|
||||
for (var attr in referrer_policy) {
|
||||
// TODO crashed when you assigned value to rel attribute
|
||||
if (attr === "rel") {
|
||||
link.relList.add("noreferrer");
|
||||
} else {
|
||||
link[attr] = referrer_policy[attr];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
link.href = url + "&id=" + id;
|
||||
link.relList.add("stylesheet");
|
||||
|
|
|
|||
|
|
@ -109,15 +109,26 @@ function ReferrerPolicyTestCase(scenario, testDescription, sanityChecker) {
|
|||
|
||||
// Check the reported URL.
|
||||
test.step(function() {
|
||||
if (expected_referrer) {
|
||||
expected_referrer = new URL(expected_referrer);
|
||||
if (t._scenario.referrer_url === "omitted") {
|
||||
expected_referrer = undefined;
|
||||
} else if (t._scenario.referrer_url === "origin") {
|
||||
expected_referrer = expected_referrer.origin + "/";
|
||||
} else if (t._scenario.referrer_url === "stripped-referrer") {
|
||||
expected_referrer = stripUrlForUseAsReferrer(expected_referrer.toString());
|
||||
}
|
||||
}
|
||||
|
||||
expected_referrer = expected_referrer || t._expectedReferrerUrl;
|
||||
|
||||
assert_equals(result.referrer,
|
||||
expected_referrer || t._expectedReferrerUrl,
|
||||
"Reported Referrer URL is '" +
|
||||
(expected_referrer || t._expectedReferrerUrl) + "'.");
|
||||
expected_referrer,
|
||||
"Reported Referrer URL is '" + expected_referrer + "'.");
|
||||
assert_equals(result.headers.referer,
|
||||
expected_referrer || t._expectedReferrerUrl,
|
||||
"Reported Referrer URL from HTTP header is '" +
|
||||
(expected_referrer || t._expectedReferrerUrl) + "'");
|
||||
}, "Reported Referrer URL is as expected: " + t._scenario.referrer_url);
|
||||
expected_referrer,
|
||||
"Reported Referrer URL from HTTP header is '" + expected_referrer + "'");
|
||||
}, "Reported Referrer URL is as expected: " + (expected_referrer || t._expectedReferrerUrl));
|
||||
|
||||
test.done();
|
||||
})
|
||||
|
|
|
|||
|
|
@ -3,18 +3,25 @@
|
|||
<head>
|
||||
</head>
|
||||
<body>
|
||||
<a id="button">go</a>
|
||||
<script>
|
||||
var url = new URL(window.location.toString());
|
||||
var id = url.searchParams.get("id");
|
||||
var redirection = url.searchParams.get("redirection");
|
||||
var cache_destroyer = url.searchParams.get("cache_destroyer");
|
||||
var tag_attrs = url.searchParams.get("tagAttrs");
|
||||
|
||||
console.log(id);
|
||||
console.log(redirection);
|
||||
console.log(cache_destroyer);
|
||||
console.log(tag_attrs);
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', 'stash.py?path=a-tag-stash&id=' + id, false);
|
||||
xhr.send();
|
||||
params = JSON.parse(xhr.responseText);
|
||||
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open('POST', 'stash.py?path=a-tag-document-url&id=' + id, false);
|
||||
xhr.send(JSON.stringify(window.location.toString()));
|
||||
|
||||
var redirection = params["redirection"];
|
||||
var cache_destroyer = params["cache_destroyer"];
|
||||
var tag_attrs = params["tagAttrs"];
|
||||
var meta_referrer = params["metaReferrer"];
|
||||
var protocol = params["protocol"];
|
||||
var host = params["host"];
|
||||
|
||||
var referrer_policy;
|
||||
try {
|
||||
|
|
@ -23,14 +30,30 @@
|
|||
referrer_policy = {};
|
||||
}
|
||||
|
||||
var a = document.getElementById("button");
|
||||
a.href = "/_mozilla/mozilla/referrer-policy/generic/subresource/document.py?id=" + id + "&redirection=" + redirection +
|
||||
if (meta_referrer !== "undefined") {
|
||||
var meta = document.createElement("meta");
|
||||
meta.name = "referrer";
|
||||
meta.content = meta_referrer;
|
||||
|
||||
document.head.appendChild(meta);
|
||||
}
|
||||
|
||||
var a = document.createElement("a");
|
||||
a.href = protocol + "//" + host +
|
||||
"/_mozilla/mozilla/referrer-policy/generic/subresource/document.py" +
|
||||
"?id=" + id +
|
||||
"&redirection=" + redirection +
|
||||
"&cache_destroyer=" + cache_destroyer;
|
||||
|
||||
// referrer_policy could be:
|
||||
// {rel: "noreferrer"}, or
|
||||
// {referrerPolicy: "POLICY_YOU_CHOOSE"}
|
||||
for (var attr in referrer_policy) {
|
||||
a[attr] = referrer_policy[attr];
|
||||
}
|
||||
|
||||
document.body.appendChild(a);
|
||||
|
||||
a.click();
|
||||
</script>
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
import os, json, sys
|
||||
this_dir = os.path.dirname(os.path.abspath(__file__))
|
||||
sys.path.insert(0, this_dir)
|
||||
|
||||
import mozresource; subresource = mozresource
|
||||
|
||||
def generate_payload(server_data):
|
||||
with open(os.path.join(this_dir, "a-tag.html")) as f:
|
||||
return f.read()
|
||||
|
||||
def main(request, response):
|
||||
path = 'a-tag-stash'
|
||||
server_data = json.dumps(request.GET)
|
||||
stashed_data = request.server.stash.take(request.GET["id"], path)
|
||||
if stashed_data:
|
||||
server_data = stashed_data
|
||||
request.server.stash.put(request.GET["id"], server_data, path)
|
||||
http_header_referrer_policy = request.GET["httpReferrer"] if "httpReferrer" in request.GET else None
|
||||
subresource.respond(request,
|
||||
response,
|
||||
payload_generator = generate_payload,
|
||||
http_header_referrer_policy = http_header_referrer_policy)
|
||||
|
|
@ -24,12 +24,12 @@ def create_redirect_url(request, cross_origin = False):
|
|||
if cross_origin:
|
||||
destination_netloc = get_swapped_origin_netloc(parsed.netloc)
|
||||
|
||||
query = filter(lambda x: x.startswith('id='), parsed.query.split('&'))
|
||||
query = filter(lambda x: not x.startswith('redirection='), parsed.query.split('&'))
|
||||
destination_url = urlparse.urlunsplit(urlparse.SplitResult(
|
||||
scheme = parsed.scheme,
|
||||
netloc = destination_netloc,
|
||||
path = parsed.path,
|
||||
query = query[0] if query else None,
|
||||
query = '&'.join(query),
|
||||
fragment = None))
|
||||
|
||||
return destination_url
|
||||
|
|
@ -73,7 +73,8 @@ def respond(request,
|
|||
content_type = "text/html",
|
||||
payload_generator = __noop,
|
||||
cache_control = "no-cache; must-revalidate",
|
||||
access_control_allow_origin = "*"):
|
||||
access_control_allow_origin = "*",
|
||||
http_header_referrer_policy = None):
|
||||
if preprocess_redirection(request, response):
|
||||
return
|
||||
|
||||
|
|
@ -83,6 +84,9 @@ def respond(request,
|
|||
if access_control_allow_origin != None:
|
||||
response.writer.write_header("access-control-allow-origin",
|
||||
access_control_allow_origin)
|
||||
if http_header_referrer_policy != None:
|
||||
response.writer.write_header("referrer-policy",
|
||||
http_header_referrer_policy)
|
||||
response.writer.write_header("content-type", content_type)
|
||||
response.writer.write_header("cache-control", cache_control)
|
||||
response.writer.end_headers()
|
||||
|
|
|
|||
|
|
@ -95,7 +95,8 @@ def generate_selection(selection, spec, subresource_path,
|
|||
'content="referrer %(referrer_policy)s">' % spec
|
||||
elif selection['delivery_method'] == 'http-rp':
|
||||
selection['meta_delivery_method'] = \
|
||||
"<!-- No meta: Referrer policy delivered via HTTP headers. -->"
|
||||
'<!-- No meta: Referrer policy delivered via HTTP headers. -->' \
|
||||
'<meta name="http-referrer-policy" content="%(referrer_policy)s">' % spec
|
||||
test_headers_filename = test_filename + ".headers"
|
||||
with open(test_headers_filename, "w") as f:
|
||||
f.write('Referrer-Policy: ' + \
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "http",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
"source_protocol": "http",
|
||||
"target_protocol": "https",
|
||||
"subresource": "a-tag",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.html",
|
||||
"subresource_path": "/_mozilla/mozilla/referrer-policy/generic/subresource/a-tag.py",
|
||||
"referrer_url": "stripped-referrer"
|
||||
},
|
||||
document.querySelector("meta[name=assert]").content,
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
<head>
|
||||
<title>Referrer-Policy: Referrer Policy is set to 'no-referrer-when-downgrade'</title>
|
||||
<meta name="description" content="Check that non a priori insecure subresource gets the full Referrer URL. A priori insecure subresource gets no referrer information.">
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. -->
|
||||
<!-- No meta: Referrer policy delivered via HTTP headers. --><meta name="http-referrer-policy" content="no-referrer-when-downgrade">
|
||||
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
|
||||
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-no-referrer-when-downgrade">
|
||||
<meta name="assert" content="The referrer URL is stripped-referrer when a
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue