Bug 1557294 [wpt PR 17204] - Ship `referer` header length limitation., a=testonly

Automatic update from web-platform-tests Ship `referer` header length limitation. (#17204) This patch adds web platform tests to verify the behavior of the referrer header and `document.referrer` after flipping the length limitiation flag to on-by-default. Intent to Ship: https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/lckJ5OAkUNo/ooVNdvhLAgAJ Bug: 959757 Change-Id: I385f8f12f20109c50ededb9018a08cd665cb6868 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1646784 Commit-Queue: Mike West <mkwst@chromium.org> Reviewed-by: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#667039} -- wpt-commits: 9e059910c901218756454b7979c6f95a6f306854 wpt-pr: 17204
2019-07-19 18:18:13 +00:00 · 2019-07-19 18:18:13 +00:00 · 2fb14c3aa6
--- a/testing/web-platform/tests/referrer-policy/generic/referrer-policy-test-case.sub.js
+++ b/testing/web-platform/tests/referrer-policy/generic/referrer-policy-test-case.sub.js
@ -125,14 +125,52 @@ function ReferrerPolicyTestCase(scenario, testDescription, sanityChecker) {
      policyDeliveries: [delivery]
    };

+    let currentURL = location.toString();
    const expectedReferrer =
-      referrerUrlResolver[scenario.referrer_url](location.toString());
+      referrerUrlResolver[scenario.referrer_url](currentURL);

    // Request in the top-level document.
    promise_test(_ => {
+      return invokeRequest(subresource, [])
+        .then(result => checkResult(expectedReferrer, result));
+    }, testDescription);
+
+    // `Referer` headers with length over 4k are culled down to an origin, so, let's test around
+    // that boundary for tests that would otherwise return the complete URL.
+    if (scenario.referrer_url == "stripped-referrer") {
+      promise_test(_ => {
+        history.pushState(null, null, "/");
+        history.replaceState(null, null, "A".repeat(4096 - location.href.length - 1));
+        const expectedReferrer = location.href;
+        // Ensure that we don't load the same URL as the previous test.
+        subresource.url += "&-1";
        return invokeRequest(subresource, [])
-          .then(result => checkResult(expectedReferrer, result));
-      }, testDescription);
+          .then(result => checkResult(location.href, result))
+          .finally(_ => history.back());
+      }, "`Referer` header with length < 4k is not stripped to an origin.");
+
+      promise_test(_ => {
+        history.pushState(null, null, "/");
+        history.replaceState(null, null, "A".repeat(4096 - location.href.length));
+        const expectedReferrer = location.href;
+        // Ensure that we don't load the same URL as the previous test.
+        subresource.url += "&0";
+        return invokeRequest(subresource, [])
+          .then(result => checkResult(expectedReferrer, result))
+          .finally(_ => history.back());
+      }, "`Referer` header with length == 4k is not stripped to an origin.");
+
+      promise_test(_ => {
+        const originString = referrerUrlResolver["origin"](currentURL);
+        history.pushState(null, null, "/");
+        history.replaceState(null, null, "A".repeat(4096 - location.href.length + 1));
+        // Ensure that we don't load the same URL as the previous test.
+        subresource.url += "&+1";
+        return invokeRequest(subresource, [])
+          .then(result => checkResult(originString, result))
+          .finally(_ => history.back());
+      }, "`Referer` header with length > 4k is stripped to an origin.");
+    }

    // We test requests from inside iframes only for <img> tags.
    // This is just to preserve the previous test coverage.