speculation-rules/prefetch/referrer-policy-from-rules.https.html - external/w3c/web-platform-tests - Git at Google

 <!DOCTYPE html>
 <title>Prefetch with the referrer policy specified in speculation rules</title>

 <!--Split test cases due to the use of timeouts in speculation rules test utilities.-->
 <meta name="variant" content="?1-1">
 <meta name="variant" content="?2-2">
 <meta name="variant" content="?3-3">
 <meta name="variant" content="?4-4">
 <meta name="variant" content="?5-5">
 <meta name="variant" content="?6-last">

 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/dispatcher/dispatcher.js"></script>
 <script src="/common/subset-tests.js"></script>
 <script src="/common/utils.js"></script>
 <script src="resources/utils.sub.js"></script>

 <script>
 "use strict";

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   await agent.setReferrerPolicy("strict-origin-when-cross-origin");
   const expectedReferrer = agent.getExecutorURL().origin + "/";

   const nextURL = agent.getExecutorURL({ page: 2 });
   await agent.forceSinglePrefetch(nextURL, { referrer_policy: "strict-origin" });
   await agent.navigate(nextURL);

   const headers = await agent.getRequestHeaders();
   assert_prefetched(headers, "must be prefetched");
   assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
 }, 'with "strict-origin" referrer policy in rule set overriding "strict-origin-when-cross-origin" of referring page');

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   const next_url = agent.getExecutorURL({ page: 2 });
   await agent.execute_script((url) => {
     const a = addLink(url);
     a.referrerPolicy = 'no-referrer';
     insertDocumentRule(undefined, { referrer_policy: 'strict-origin' });
   }, [next_url]);
   await new Promise(resolve => t.step_timeout(resolve, 2000));
   await agent.navigate(next_url);

   const headers = await agent.getRequestHeaders();
   assert_prefetched(headers, 'must be prefetched');
   const expected_referrer = next_url.origin + '/';
   assert_equals(headers.referer, expected_referrer, 'must send the origin as the referrer');
 }, 'with "strict-origin" referrer policy in rule set override "no-referrer" of link');

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   await agent.setReferrerPolicy("unsafe-url");

   const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
   await agent.forceSinglePrefetch(
       nextURL, { referrer_policy: "no-referrer", requires: ["anonymous-client-ip-when-cross-origin"] });
   await agent.navigate(nextURL);

   // This referring page's referrer policy would not be eligible for
   // cross-site prefetching, but setting a sufficiently strict policy in the
   // rule allows for prefetching.
   const headers = await agent.getRequestHeaders();
   assert_prefetched(headers, "must be prefetched");
   assert_equals(headers.referer, '', "must send no referrer");
 }, 'with "no-referrer" referrer policy in rule set overriding "unsafe-url" of cross-site referring page');

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   await agent.setReferrerPolicy("strict-origin-when-cross-origin");

   const nextURL = agent.getExecutorURL({ page: 2 });
   await agent.forceSinglePrefetch(nextURL, { referrer_policy: "no-referrrrrrrer" });
   await agent.navigate(nextURL);

   const headers = await agent.getRequestHeaders();
   assert_not_prefetched(headers, "must not be prefetched");
 }, 'unrecognized policies invalidate the rule');

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   await agent.setReferrerPolicy("strict-origin-when-cross-origin");

   const nextURL = agent.getExecutorURL({ page: 2 });
   await agent.forceSinglePrefetch(nextURL, { referrer_policy: "never" });
   await agent.navigate(nextURL);

   const headers = await agent.getRequestHeaders();
   assert_not_prefetched(headers, "must not be prefetched");
 }, 'treat legacy referrer policy values as invalid');

 subsetTest(promise_test, async t => {
   assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

   const agent = await spawnWindow(t);
   await agent.setReferrerPolicy("strict-origin");
   const expectedReferrer = agent.getExecutorURL().origin + "/";

   const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
   await agent.forceSinglePrefetch(
       nextURL, { referrer_policy: "unsafe-url", requires: ["anonymous-client-ip-when-cross-origin"] });
   await agent.navigate(nextURL);

   // This referring page's referrer policy would normally make it eligible for
   // cross-site prefetching, but setting an unacceptable policy in the rule
   // makes it ineligible.
   const headers = await agent.getRequestHeaders();
   assert_not_prefetched(headers, "must not be prefetched");
   assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
 }, 'with "unsafe-url" referrer policy in rule set overriding "strict-origin" of cross-site referring page');

 </script>
	<!DOCTYPE html>
	<title>Prefetch with the referrer policy specified in speculation rules</title>

	<!--Split test cases due to the use of timeouts in speculation rules test utilities.-->
	<meta name="variant" content="?1-1">
	<meta name="variant" content="?2-2">
	<meta name="variant" content="?3-3">
	<meta name="variant" content="?4-4">
	<meta name="variant" content="?5-5">
	<meta name="variant" content="?6-last">

	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="/common/dispatcher/dispatcher.js"></script>
	<script src="/common/subset-tests.js"></script>
	<script src="/common/utils.js"></script>
	<script src="resources/utils.sub.js"></script>

	<script>
	"use strict";

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	await agent.setReferrerPolicy("strict-origin-when-cross-origin");
	const expectedReferrer = agent.getExecutorURL().origin + "/";

	const nextURL = agent.getExecutorURL({ page: 2 });
	await agent.forceSinglePrefetch(nextURL, { referrer_policy: "strict-origin" });
	await agent.navigate(nextURL);

	const headers = await agent.getRequestHeaders();
	assert_prefetched(headers, "must be prefetched");
	assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
	}, 'with "strict-origin" referrer policy in rule set overriding "strict-origin-when-cross-origin" of referring page');

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	const next_url = agent.getExecutorURL({ page: 2 });
	await agent.execute_script((url) => {
	const a = addLink(url);
	a.referrerPolicy = 'no-referrer';
	insertDocumentRule(undefined, { referrer_policy: 'strict-origin' });
	}, [next_url]);
	await new Promise(resolve => t.step_timeout(resolve, 2000));
	await agent.navigate(next_url);

	const headers = await agent.getRequestHeaders();
	assert_prefetched(headers, 'must be prefetched');
	const expected_referrer = next_url.origin + '/';
	assert_equals(headers.referer, expected_referrer, 'must send the origin as the referrer');
	}, 'with "strict-origin" referrer policy in rule set override "no-referrer" of link');

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	await agent.setReferrerPolicy("unsafe-url");

	const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
	await agent.forceSinglePrefetch(
	nextURL, { referrer_policy: "no-referrer", requires: ["anonymous-client-ip-when-cross-origin"] });
	await agent.navigate(nextURL);

	// This referring page's referrer policy would not be eligible for
	// cross-site prefetching, but setting a sufficiently strict policy in the
	// rule allows for prefetching.
	const headers = await agent.getRequestHeaders();
	assert_prefetched(headers, "must be prefetched");
	assert_equals(headers.referer, '', "must send no referrer");
	}, 'with "no-referrer" referrer policy in rule set overriding "unsafe-url" of cross-site referring page');

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	await agent.setReferrerPolicy("strict-origin-when-cross-origin");

	const nextURL = agent.getExecutorURL({ page: 2 });
	await agent.forceSinglePrefetch(nextURL, { referrer_policy: "no-referrrrrrrer" });
	await agent.navigate(nextURL);

	const headers = await agent.getRequestHeaders();
	assert_not_prefetched(headers, "must not be prefetched");
	}, 'unrecognized policies invalidate the rule');

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	await agent.setReferrerPolicy("strict-origin-when-cross-origin");

	const nextURL = agent.getExecutorURL({ page: 2 });
	await agent.forceSinglePrefetch(nextURL, { referrer_policy: "never" });
	await agent.navigate(nextURL);

	const headers = await agent.getRequestHeaders();
	assert_not_prefetched(headers, "must not be prefetched");
	}, 'treat legacy referrer policy values as invalid');

	subsetTest(promise_test, async t => {
	assert_implements(HTMLScriptElement.supports('speculationrules'), "Speculation Rules not supported");

	const agent = await spawnWindow(t);
	await agent.setReferrerPolicy("strict-origin");
	const expectedReferrer = agent.getExecutorURL().origin + "/";

	const nextURL = agent.getExecutorURL({ hostname: PREFETCH_PROXY_BYPASS_HOST, page: 2 });
	await agent.forceSinglePrefetch(
	nextURL, { referrer_policy: "unsafe-url", requires: ["anonymous-client-ip-when-cross-origin"] });
	await agent.navigate(nextURL);

	// This referring page's referrer policy would normally make it eligible for
	// cross-site prefetching, but setting an unacceptable policy in the rule
	// makes it ineligible.
	const headers = await agent.getRequestHeaders();
	assert_not_prefetched(headers, "must not be prefetched");
	assert_equals(headers.referer, expectedReferrer, "must send the origin as the referrer");
	}, 'with "unsafe-url" referrer policy in rule set overriding "strict-origin" of cross-site referring page');

	</script>