Add m-esr52 at 52.6.0

50 files changed, 2050 insertions, 0 deletions

diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..986434466
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..a70bbb7ff
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..2199fbacc
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/fetch-request/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..0038a1a78
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..8555bc6cc
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..bd2014b06
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/iframe-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..b519ebcfb
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..a70f22d69
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..633938985
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/img-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..b9eefbc30
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..82fc3b114
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..bbcbe233f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/script-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..fd270955f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..4739c5847
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..fe6f02837
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-http/xhr-request/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..5d0f8168c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..3a4fb95e8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..20c2f4f49
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/fetch-request/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..d3ad1f9c4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..5de6a24aa
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..d39c95d82
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/iframe-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..df9f3a839
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..729839842
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..f5e5c5230
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/img-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..5e03688c4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..346e401ef
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..27d89b3c0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/script-tag/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.keep-origin-redirect.http.html
new file mode 100644
index 000000000..045dc0617
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.no-redirect.http.html
new file mode 100644
index 000000000..aadf71777
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.swap-origin-redirect.http.html
new file mode 100644
index 000000000..aada3951f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/cross-origin/http-https/xhr-request/cross-origin.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.keep-origin-redirect.http.html
new file mode 100644
index 000000000..9bbbfb72f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.no-redirect.http.html
new file mode 100644
index 000000000..6d7a54cdb
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8117e29c0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/fetch-request/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.keep-origin-redirect.http.html
new file mode 100644
index 000000000..34859ed87
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.no-redirect.http.html
new file mode 100644
index 000000000..e73908952
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..0080977a7
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.keep-origin-redirect.http.html
new file mode 100644
index 000000000..155bf0109
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.no-redirect.http.html
new file mode 100644
index 000000000..7b3442d29
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..fe2b40c58
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/img-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.keep-origin-redirect.http.html
new file mode 100644
index 000000000..18f3dbc80
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.no-redirect.http.html
new file mode 100644
index 000000000..f296512ef
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8eaeb5cd8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/script-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.keep-origin-redirect.http.html
new file mode 100644
index 000000000..9ca451221
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.no-redirect.http.html
new file mode 100644
index 000000000..a8ec1e6ac
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is stripped-referrer when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "stripped-referrer"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..5fdacce40
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-http/xhr-request/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/fetch-request/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/fetch-request/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..cac271986
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/fetch-request/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..7023a52be
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/iframe-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/img-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/img-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..a6be79bcd
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/img-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/script-tag/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/script-tag/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..70602133f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/script-tag/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/xhr-request/same-origin-insecure.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/xhr-request/same-origin-insecure.swap-origin-redirect.http.html
new file mode 100644
index 000000000..27a95b7ad
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/same-origin/meta-referrer/same-origin/http-https/xhr-request/same-origin-insecure.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'same-origin'</title>
+    <meta name="description" content="Check that cross-origin subresources get no referrer information and same-origin get the stripped referrer URL.">
+    <meta name="referrer" content="same-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin">
+    <meta name="assert" content="The referrer URL is omitted when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "same-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "omitted"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>