mirror of
https://github.com/servo/servo.git
synced 2025-10-09 13:09:25 +01:00
53 lines
2.1 KiB
HTML
53 lines
2.1 KiB
HTML
<!DOCTYPE html>
|
|
<title>Prefetch attempts with an unacceptable referrer policy</title>
|
|
|
|
<!--Split test cases due to the use of timeouts in speculation rules test utilities.-->
|
|
<meta name="variant" content="?1-1">
|
|
<meta name="variant" content="?2-last">
|
|
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="/common/dispatcher/dispatcher.js"></script>
|
|
<script src="/common/subset-tests.js"></script>
|
|
<script src="/common/utils.js"></script>
|
|
<script src="resources/utils.sub.js"></script>
|
|
|
|
<script>
|
|
"use strict";
|
|
|
|
subsetTest(promise_test, async t => {
|
|
assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");
|
|
|
|
const agent = await spawnWindow(t);
|
|
await agent.setReferrerPolicy("unsafe-url");
|
|
const expectedReferrer = agent.getExecutorURL().href;
|
|
|
|
const nextURL = agent.getExecutorURL({ page: 2 });
|
|
await agent.forceSinglePrefetch(nextURL);
|
|
await agent.navigate(nextURL);
|
|
|
|
const headers = await agent.getRequestHeaders();
|
|
// The referrer policy restriction does not apply to same-site prefetch.
|
|
assert_prefetched(headers, "must be prefetched");
|
|
assert_equals(headers.referer, expectedReferrer, "must send the full URL as the referrer");
|
|
}, 'with "unsafe-url" referrer policy on same-site referring page');
|
|
|
|
subsetTest(promise_test, async t => {
|
|
assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");
|
|
|
|
const agent = await spawnWindow(t);
|
|
await agent.setReferrerPolicy("unsafe-url");
|
|
const expectedReferrer = agent.getExecutorURL().href;
|
|
|
|
const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
|
|
// This prefetch attempt should be ignored.
|
|
await agent.forceSinglePrefetch(
|
|
nextURL, { requires: ["anonymous-client-ip-when-cross-origin"] });
|
|
await agent.navigate(nextURL);
|
|
|
|
const headers = await agent.getRequestHeaders();
|
|
assert_not_prefetched(headers, "must not be prefetched");
|
|
assert_equals(headers.referer, expectedReferrer, "must send the full URL as the referrer");
|
|
}, 'with "unsafe-url" referrer policy on cross-site referring page');
|
|
|
|
</script>
|