blob: 793aef76ed981a5d97d20a747087e77eb37dc4ef (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by referrer-policy/generic/tools/generate.py using referrer-policy/generic/template/test.release.html.template. -->
<html>
<head>
<title>Referrer-Policy: Referrer Policy is set to 'strict-origin-when-cross-origin'</title>
<meta name="description" content="Check that a priori insecure subresource gets no referrer information. Otherwise, cross-origin subresources get the origin portion of the referrer URL and same-origin get the stripped referrer URL.">
<meta name="referrer" content="strict-origin-when-cross-origin">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin">
<meta name="assert" content="The referrer URL is origin when a
document served over http requires an https
sub-resource via xhr-request using the meta-referrer
delivery method with swap-origin-redirect and when
the target request is same-origin.">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<!-- TODO(kristijanburnik): Minify and merge both: -->
<script src="/referrer-policy/generic/common.js"></script>
<script src="/referrer-policy/generic/referrer-policy-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
ReferrerPolicyTestCase(
{
"referrer_policy": "strict-origin-when-cross-origin",
"delivery_method": "meta-referrer",
"redirection": "swap-origin-redirect",
"origin": "same-origin",
"source_protocol": "http",
"target_protocol": "https",
"subresource": "xhr-request",
"subresource_path": "/referrer-policy/generic/subresource/xhr.py",
"referrer_url": "origin"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>
|
