html/cross-origin-opener-policy/tentative/restrict-properties/reporting-bcg-reuse.https.html

<!doctype html>
<title>
  Verify that we consider browsing context group reuse for COOP reporting.
</title>
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
<script src="/html/cross-origin-opener-policy/reporting/resources/reporting-common.js"></script>
<script src="/html/cross-origin-opener-policy/reporting/resources/try-access.js"></script>
<script src="/html/cross-origin-opener-policy/resources/common.js"></script>
<script>

const same_origin = get_host_info().HTTPS_ORIGIN;
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;

promise_test(async test => {
  const driver_token = token(); // For this window.
  const report_token = token();
  const reportTo = reportToHeaders(report_token);

  // 1. Start by opening a first window that will act as the opener in this test
  // scenario. It sets COOP-RO: restrict-properties.
  const opener_token = token(); // The current test window.
  const opener_url = same_origin + executor_path + reportTo.header +
      reportTo.coopReportOnlyRestrictPropertiesHeader +
      `&uuid=${opener_token}`;
  const opener = window.open(opener_url);
  test.add_cleanup(() => send(opener_token, "window.close()"));

  // 2. From the opener, open a popup without any COOP. It should be in a
  // different virtual browsing context group.
  const initial_openee_token = token();
  const initial_openee_url = cross_origin + executor_path +
      `&uuid=${initial_openee_token}`;
  send(opener_token, `
    window.openee = window.open('${initial_openee_url}');
  `);
  test.add_cleanup(() => send(opener_token, "window.close()"));

  // 3. Navigate the openee to a COOP-RO: restrict-properties page. If the
  // policy was enforced, it would live in the same browsing context group as
  // the opener. The virtual browsing context group should similarly be equal.
  // Note: We omit the reporting endpoint header, because it is not possible to
  // easily escape it. Since it is not necessary in this test, we skip it.
  const final_openee_token = token();
  const final_openee_url = same_origin + executor_path +
      reportTo.coopReportOnlyRestrictPropertiesHeader +
      `&uuid=${final_openee_token}`;

  send(initial_openee_token, `location.href = '${final_openee_url}';`);
  test.add_cleanup(() => send(final_openee_token, "window.close()"));

  // Wait for the final openee to load.
  send(final_openee_token,
    `send("${driver_token}", "Ready");
  `);
  assert_equals(await receive(driver_token), "Ready");

  // 4. Try to access the openee from the opener. No report should be sent.
  send(opener_token, addScriptAndTriggerOnload(
    "/html/cross-origin-opener-policy/reporting/resources/try-access.js",
    "tryAccess(window.openee);")
  );

  let report =
    await receiveReport(report_token, "access-from-coop-page-to-openee")
  assert_equals(report, "timeout");

}, "access-reporting-browsing-context-group-reuse");

</script>