diff options
Diffstat (limited to 'dom/base/test/referrerHelper.js')
| -rw-r--r-- | dom/base/test/referrerHelper.js | 286 |
1 files changed, 286 insertions, 0 deletions
diff --git a/dom/base/test/referrerHelper.js b/dom/base/test/referrerHelper.js new file mode 100644 index 000000000..207bf5f15 --- /dev/null +++ b/dom/base/test/referrerHelper.js @@ -0,0 +1,286 @@ +/** + * Listen for notifications from the child. + * These are sent in case of error, or when the loads we await have completed. + */ +window.addEventListener("message", function(event) { + if (event.data == "childLoadComplete") { + // all loads happen, continue the test. + advance(); + } else if (event.data == "childOverload") { + // too many loads happened in a test frame, abort. + ok(false, "Too many load handlers called in test."); + SimpleTest.finish(); + } else if (event.data.indexOf("fail-") == 0) { + // something else failed in the test frame, abort. + ok(false, "Child failed the test with error " + event.data.substr(5)); + SimpleTest.finish(); + }}); + + +/** + * helper to perform an XHR. + */ +function doXHR(url, onSuccess, onFail) { + var xhr = new XMLHttpRequest(); + xhr.onload = function () { + if (xhr.status == 200) { + onSuccess(xhr); + } else if (xhr.status == 418) { + // Ignore HSTS priming responses + return; + } else { + onFail(xhr); + } + }; + xhr.open('GET', url, true); + xhr.send(null); +} + + + +/** + * This triggers state-resetting on the counter server. + */ +function resetCounter() { + doXHR('/tests/dom/base/test/bug704320_counter.sjs?reset', + advance, + function(xhr) { + ok(false, "Need to be able to reset the request counter"); + SimpleTest.finish(); + }); +} + +/** + * Grabs the results via XHR and passes to checker. + */ +function checkIndividualResults(testname, expected) { + doXHR('/tests/dom/base/test/bug704320_counter.sjs?results', + function(xhr) { + var results = JSON.parse(xhr.responseText); + info(xhr.responseText); + + ok('img' in results, + testname + " test: some image loads required in results object."); + is(results['img'].count, 2, + testname + " Test: Expected 2 loads for image requests."); + + expected.forEach(function (ref) { + ok(results['img'].referrers.indexOf(ref) >= 0, + testname + " Test: Expected " + ref + " referrer policy in test, results were " + + JSON.stringify(results['img'].referrers) +"."); + }); + advance(); + }, + function(xhr) { + ok(false, "Can't get results from the counter server."); + SimpleTest.finish(); + }); +} + +/** + * Grabs the results via XHR and checks them + */ +function checkExpectedGlobalResults() { + var url = 'bug704320.sjs?action=get-test-results'; + doXHR(url, + function(xhr) { + var response = JSON.parse(xhr.response); + + for (type in response) { + for (scheme in response[type]) { + for (policy in response[type][scheme]) { + var expectedResult = EXPECTED_RESULTS[type] === undefined ? + EXPECTED_RESULTS['default'][scheme][policy] : + EXPECTED_RESULTS[type][scheme][policy]; + is(response[type][scheme][policy], expectedResult, type + ' ' + scheme + ' ' + policy); + } + } + } + advance(); + }, + function(xhr) { + ok(false, "Can't get results from the counter server."); + SimpleTest.finish(); + }); +} + + +var EXPECTED_RESULTS = { + // From docshell/base/nsDocShell.cpp: + // "If the document containing the hyperlink being audited was not retrieved + // over an encrypted connection and its address does not have the same + // origin as "ping URL", send a referrer." + 'link-ping': { + // Same-origin + 'http-to-http': { + 'no-referrer': '', + 'unsafe-url': '', + 'origin': '', + 'origin-when-cross-origin': '', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + }, + 'http-to-https': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade', + 'same-origin': '', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/' + }, + // Encrypted and not same-origin + 'https-to-http': { + 'no-referrer': '', + 'unsafe-url': '', + 'origin': '', + 'origin-when-cross-origin': '', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + }, + // Encrypted + 'https-to-https': { + 'no-referrer': '', + 'unsafe-url': '', + 'origin': '', + 'origin-when-cross-origin': '', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + } + }, + // form is tested in a 2nd level iframe. + 'form': { + 'http-to-http': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url&type=form', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-cross-origin&type=form', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade&type=form', + 'same-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=same-origin&type=form', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=strict-origin-when-cross-origin&type=form' + }, + 'http-to-https': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url&type=form', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade&type=form', + 'same-origin': '', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/' + }, + 'https-to-http': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url&type=form', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + }, + 'https-to-https': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url&type=form', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-cross-origin&type=form', + 'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade&type=form', + 'same-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=same-origin&type=form', + 'strict-origin': 'https://example.com/', + 'strict-origin-when-cross-origin':'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=strict-origin-when-cross-origin&type=form' + } + }, + // window.location is tested in a 2nd level iframe. + 'window.location': { + 'http-to-http': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url&type=window.location', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-cross-origin&type=window.location', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade&type=window.location', + 'same-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=same-origin&type=window.location', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=strict-origin-when-cross-origin&type=window.location' + }, + 'http-to-https': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url&type=window.location', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade&type=window.location', + 'same-origin': '', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/' + }, + 'https-to-http': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url&type=window.location', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + }, + 'https-to-https': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url&type=window.location', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-cross-origin&type=window.location', + 'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade&type=window.location', + 'same-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=same-origin&type=window.location', + 'strict-origin': 'https://example.com/', + 'strict-origin-when-cross-origin':'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=strict-origin-when-cross-origin&type=window.location' + } + }, + 'default': { + 'http-to-http': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-cross-origin', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade', + 'same-origin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=same-origin', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=strict-origin-when-cross-origin' + }, + 'http-to-https': { + 'no-referrer': '', + 'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url', + 'origin': 'http://example.com/', + 'origin-when-cross-origin': 'http://example.com/', + 'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade', + 'same-origin': '', + 'strict-origin': 'http://example.com/', + 'strict-origin-when-cross-origin':'http://example.com/' + }, + 'https-to-http': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/', + 'no-referrer-when-downgrade': '', + 'same-origin': '', + 'strict-origin': '', + 'strict-origin-when-cross-origin':'' + }, + 'https-to-https': { + 'no-referrer': '', + 'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url', + 'origin': 'https://example.com/', + 'origin-when-cross-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-cross-origin', + 'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade', + 'same-origin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=same-origin', + 'strict-origin': 'https://example.com/', + 'strict-origin-when-cross-origin':'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=strict-origin-when-cross-origin' + } + } +}; |