html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-popup-same-origin-coep-report-to.https.html

<meta name=timeout content=long>
<title>reporting same origin with report-to</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="../../resources/common.js"></script>
<script src="../resources/dispatcher.js"></script>
<script src="../resources/reporting-common.js"></script>
<script>

let tests = [
  // popup origin, popup COOP, popup COEP, popup COOP report only, popup COEP report only, expected reports

  // Open and navigate a popup to a same-origin page with the same COOP-COEP
  // settings: no browsing context group switch hence no report expected.
  [
    SAME_ORIGIN,
    `same-origin; report-to="${popupReportEndpoint.name}"`,
    "require-corp",
    "",
    "",
    []
  ],
  // Open a same-origin popup with a same-origin COOP but no COEP. Produces two
  // reports (one from and one to). The from report has an effective-policy of
  // same-origin-plus-coep, both pages being same origin, the entire
  // next/pervious document urls are available.
  [
    SAME_ORIGIN,
    `same-origin; report-to="${popupReportEndpoint.name}"`,
    "",
    "",
    "",
    [
      {
        "endpoint": reportEndpoint,
        "report": {
          "body": {
            "disposition": "enforce",
            "document-uri": `${location.href}`,
            "effective-policy": "same-origin-plus-coep",
            "navigation-uri": /uuid=EXECUTOR_UUID$/, // next destination url
            "violation-type": "navigation-from-document"
          },
          "url": `${location.href}`,
          "type": "coop"
        }
      },
      {
        "endpoint": popupReportEndpoint,
        "report": {
          "body": {
            "disposition": "enforce",
            "document-uri": /uuid=EXECUTOR_UUID$/,
            "effective-policy": "same-origin",
            "navigation-uri": `${location.href}`, // previous document url
            "violation-type": "navigation-to-document"
          },
          "url": /uuid=EXECUTOR_UUID$/,
          "type": "coop"
        }
      }
    ]
  ],
  // Open a cross-origin popup with a same-origin COOP and COEP.  Produces two
  // reports (one from and one to). The from report has an effective-policy of
  // same-origin-plus-coep, both pages being cross origin, the next/pervious
  // document urls are not available and the initial document url/referrer are
  // used instead.
  [
    CROSS_ORIGIN,
    `same-origin; report-to="${popupReportEndpoint.name}"`,
    "require-corp",
    "",
    "",
    [
      {
        "endpoint": reportEndpoint,
        "report": {
          "body": {
            "disposition": "enforce",
            "document-uri": `${location.href}`,
            "effective-policy": "same-origin-plus-coep",
            "navigation-uri": /uuid=EXECUTOR_UUID$/, // initial navigation url
            "violation-type": "navigation-from-document"
          },
          "url": `${location.href}`,
          "type": "coop"
        }
      },
      {
        "endpoint": popupReportEndpoint,
        "report": {
          "body": {
            "disposition": "enforce",
            "document-uri": /uuid=EXECUTOR_UUID$/,
            "effective-policy": "same-origin-plus-coep",
            "navigation-uri": `${location.origin}/`, // referrer (origin, as dictated by the referrer policy)
            "violation-type": "navigation-to-document"
          },
          "url": /uuid=EXECUTOR_UUID$/,
          "type": "coop"
        }
      }
    ]
  ],
];

runNavigationReportingTests(document.title, tests);

</script>