Bug 1678545 - P2. Add a WPT to verify the referrer header is sent correctly r=ckerschb

Depends on D99358

Differential Revision: https://phabricator.services.mozilla.com/D99359

testing/web-platform/tests/fetch/api/redirect/redirect-referrer-override.any.js

@@ -0,0 +1,104 @@
+// META: timeout=long
+// META: script=/common/utils.js
+// META: script=../resources/utils.js
+// META: script=/common/get-host-info.sub.js
+
+function getExpectation(expectations, init, initScenario, redirectPolicy, redirectScenario) {
+  let policies = [
+    expectations[initPolicy][initScenario],
+    expectations[redirectPolicy][redirectScenario]
+  ];
+
+  if (policies.includes("omitted")) {
+    return null;
+  } else if (policies.includes("origin")) {
+    return referrerOrigin;
+  } else {
+    // "stripped-referrer"
+    return referrerUrl;
+  }
+}
+
+function testReferrerAfterRedirection(desc, redirectUrl, redirectLocation, referrerPolicy, redirectReferrerPolicy, expectedReferrer) {
+  var url = redirectUrl;
+  var urlParameters = "?location=" + encodeURIComponent(redirectLocation);
+  var description = desc + ", " + referrerPolicy + " init, " + redirectReferrerPolicy + " redirect header ";
+
+  if (redirectReferrerPolicy)
+    urlParameters += "&redirect_referrerpolicy=" + redirectReferrerPolicy;
+
+  var requestInit = {"redirect": "follow", "referrerPolicy": referrerPolicy};
+    promise_test(function(test) {
+      return fetch(url + urlParameters, requestInit).then(function(response) {
+        assert_equals(response.status, 200, "Inspect header response's status is 200");
+        assert_equals(response.headers.get("x-request-referer"), expectedReferrer ? expectedReferrer : null, "Check referrer header");
+      });
+    }, description);
+}
+
+var referrerOrigin = get_host_info().HTTP_ORIGIN + "/";
+var referrerUrl = location.href;
+
+var redirectUrl = RESOURCES_DIR + "redirect.py";
+var locationUrl = get_host_info().HTTP_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py?headers=referer";
+var crossLocationUrl = get_host_info().HTTP_REMOTE_ORIGIN + dirname(location.pathname) + RESOURCES_DIR + "inspect-headers.py?cors&headers=referer";
+
+var expectations = {
+  "no-referrer": {
+    "same-origin": "omitted",
+    "cross-origin": "omitted"
+  },
+  "no-referrer-when-downgrade": {
+    "same-origin": "stripped-referrer",
+    "cross-origin": "stripped-referrer"
+  },
+  "origin": {
+    "same-origin": "origin",
+    "cross-origin": "origin"
+  },
+  "origin-when-cross-origin": {
+    "same-origin": "stripped-referrer",
+    "cross-origin": "origin",
+  },
+  "same-origin": {
+    "same-origin": "stripped-referrer",
+    "cross-origin": "omitted"
+  },
+  "strict-origin": {
+    "same-origin": "origin",
+    "cross-origin": "origin"
+  },
+  "strict-origin-when-cross-origin": {
+    "same-origin": "stripped-referrer",
+    "cross-origin": "origin"
+  },
+  "unsafe-url": {
+    "same-origin": "stripped-referrer",
+    "cross-origin": "stripped-referrer"
+  }
+};
+
+for (var initPolicy in expectations) {
+  for (var redirectPolicy in expectations) {
+
+    // Redirect to same-origin URL
+    testReferrerAfterRedirection(
+      "Same origin redirection",
+      redirectUrl,
+      locationUrl,
+      initPolicy,
+      redirectPolicy,
+      getExpectation(expectations, initPolicy, "same-origin", redirectPolicy, "same-origin"));
+
+    // Redirect to cross-origin URL
+    testReferrerAfterRedirection(
+      "Cross origin redirection",
+      redirectUrl,
+      crossLocationUrl,
+      initPolicy,
+      redirectPolicy,
+      getExpectation(expectations, initPolicy, "same-origin", redirectPolicy, "cross-origin"));
+  }
+}
+
+done();