Add m-esr52 at 52.6.0

204 files changed, 6000 insertions, 0 deletions

diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..5cec2348d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..0f5f5353d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..67f62b51c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..0185812ea
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..b13d43aab
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..733dd399d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..e5171daca
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..518fc5ca9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..07c8d14f0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..307ec9454
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..94a45bbf4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..ff3a4d5f9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..6be360594
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..29a5417f7
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..1d19df2c2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..29cec56f8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..fc158a9c9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..0636fed23
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..3a3d0cb39
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..b1771d766
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..a2b64ec7a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..10d67abeb
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..c5d55deda
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8b1c993d2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/attr-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the attr-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "attr-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..b8bfa369c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..e7abb5524
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..ee0f6a65e
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..6e0f4dd79
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..6dcc1de0c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..dd867e250
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..a8a664fab
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..778eace94
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..151cdf90d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..8356d3b18
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..be8889a92
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..f579e9627
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..6771dfdc2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..82b6165be
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..850b62b05
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..8dd238f17
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..d0c92c8c3
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..80aba4f30
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..76edcef00
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..0c9a64d75
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..7261e079b
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..e3d99ada9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..bf4f76c42
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..3568a5853
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..34678b6e0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..fd6fa84b8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8e2f26110
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..f1ef4905a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..882ec58e8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..61222c061
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..07324af6d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..74f5a7ccc
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..e0c913583
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..28616e8af
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..4fb70527b
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..dc4f644b7
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..829b2b072
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..e2be71dd9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..b3d3dc54a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..56fdc7923
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..62397c248
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..183620ee8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..dce61d41d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..c857f4c76
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..1f137283c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..4a82c2944
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..787d3afc7
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..0a1d40c5f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..999c43e8b
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..6330560d9
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..4681722ab
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..1487f9645
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..ddd876b91
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..6c92b8d51
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..c2fef2eab
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..51b0a8069
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..ab62bdbee
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..bd5bbed36
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..a3d7e8477
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..e264bc35c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <!-- No meta: Referrer policy delivered via HTTP headers. -->
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the http-rp
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "http-rp",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers
new file mode 100644
index 000000000..07af8e286
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/http-rp/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html.headers
@@ -0,0 +1,2 @@
+Referrer-Policy: strict-origin
+Access-Control-Allow-Origin: *
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..96cb24604
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..97b2f4942
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..41c90bdfd
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..005b0fa5e
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..bb240bee6
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..0d6b7b272
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..09d9594c2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..c83cd6618
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..d9ed4f6c0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..f060d3b99
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..d37724e7c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..7c9c53f86
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..2b04c50a4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..064da1b69
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..7046e6e14
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..25557dfb8
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..f3ce31c69
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..fdbf7a78b
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..cf16f8ade
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..ffda52304
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..e013b680f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..1a1b24044
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..5bfd8faa1
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..d64873822
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..25f01ca1b
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..c51a797d3
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..3562c938a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..50994e295
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..da91cfdd2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..bb496aa3f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/cross-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is cross-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "cross-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..0179180e5
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..3b9d5beb6
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..01c5646b1
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/fetch-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..fccec81bb
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..5840859b4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..4e93fafee
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/iframe-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..9a9490e66
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..9e1bd3a1c
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..46a7a33c3
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/img-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..6186d57f3
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..08a6df4fd
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8bf116b87
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/script-tag/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..3fe96e71d
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
new file mode 100644
index 000000000..bdfce453e
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..6e29cc16a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-http/xhr-request/insecure-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an http
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "http",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..dfc4b9792
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..dfbc93f20
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..4f581e783
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/fetch-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via fetch-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "fetch-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..610799d5e
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..db36bbc70
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..8f4eabfa2
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/iframe-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via iframe-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "iframe-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/document.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..e5acfb1b0
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..f2a6afb83
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..40dc6bfa4
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/img-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via img-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "img-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/image.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..2bac0fc5a
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..023680ab7
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..fbd9be455
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/script-tag/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via script-tag using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "script-tag",
+          "subresource_path": "/referrer-policy/generic/subresource/script.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
new file mode 100644
index 000000000..1b2a3b3ce
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.keep-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with keep-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "keep-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
new file mode 100644
index 000000000..0c002eff6
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.no-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with no-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "no-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
new file mode 100644
index 000000000..3aecaf52f
--- /dev/null
+++ b/testing/web-platform/tests/referrer-policy/strict-origin/meta-referrer/same-origin/http-https/xhr-request/upgrade-protocol.swap-origin-redirect.http.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Referrer-Policy: Referrer Policy is set to 'strict-origin'</title>
+    <meta name="description" content="Check that non a priori insecure subresource gets only the origin portion of the referrer URL. A priori insecure subresource gets no referrer information.">
+    <meta name="referrer" content="strict-origin">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin">
+    <meta name="assert" content="The referrer URL is origin when a
+                                 document served over http requires an https
+                                 sub-resource via xhr-request using the meta-referrer
+                                 delivery method with swap-origin-redirect and when
+                                 the target request is same-origin.">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- TODO(kristijanburnik): Minify and merge both: -->
+    <script src="/referrer-policy/generic/common.js"></script>
+    <script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      ReferrerPolicyTestCase(
+        {
+          "referrer_policy": "strict-origin",
+          "delivery_method": "meta-referrer",
+          "redirection": "swap-origin-redirect",
+          "origin": "same-origin",
+          "source_protocol": "http",
+          "target_protocol": "https",
+          "subresource": "xhr-request",
+          "subresource_path": "/referrer-policy/generic/subresource/xhr.py",
+          "referrer_url": "origin"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>