зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1649111
[wpt PR 24379] - [COOP] Report-only navigation tests, a=testonly
Automatic update from web-platform-tests [COOP] Report-only navigation tests (#24379) This adds basic tests of the report-only features for the navigation case, where the report-only headers would cause a browsing context group switch. Bug: 1099208 Change-Id: Ia5261d5d1ddac4a83943e0a48b5ef5f2cdb47b7b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2266000 Commit-Queue: Pâris Meuleman <pmeuleman@chromium.org> Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org> Auto-Submit: Pâris Meuleman <pmeuleman@chromium.org> Cr-Commit-Position: refs/heads/master@{#785021} Co-authored-by: Pâris MEULEMAN <pmeuleman@chromium.org> -- wpt-commits: b7938227eacdc8d6d475c5a7bff061724d6ebd3f wpt-pr: 24379
This commit is contained in:
Родитель
247c70535a
Коммит
88bff574a3
|
@ -0,0 +1,88 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>A test with both COOP and COOP report only setup</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a cross-origin popup with both normal and report-only COOP. Four
|
||||||
|
// reports are sent.
|
||||||
|
[
|
||||||
|
CROSS_ORIGIN,
|
||||||
|
`same-origin-allow-popups; report-to="${popupReportEndpoint.name}"`,
|
||||||
|
"require-corp",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"require-corp",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": reportEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "enforce",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin-allow-popups",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next document URL
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"endpoint": reportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next document URL
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"endpoint": popupReportEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "enforce",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin-allow-popups",
|
||||||
|
"navigation-uri": `${location.origin}/`, // referrer
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": `${location.origin}/`, // referrer
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
]
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1,6 @@
|
||||||
|
Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="coop-report-endpoint"
|
||||||
|
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop-report-only-endpoint"
|
||||||
|
Cross-Origin-Embedder-Policy: require-corp
|
||||||
|
Cross-Origin-Embedder-Policy-Report-Only: require-corp
|
||||||
|
Referrer-Policy: origin
|
||||||
|
report-to: { "group": "coop-report-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-opener-policy/reporting/resources/report.py?endpoint=coop-report-endpoint" }] }, { "group": "coop-report-only-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-opener-policy/reporting/resources/report.py?endpoint=coop-report-only-endpoint" }]}
|
|
@ -0,0 +1,71 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>Report only tests for an opener without any COOP/COOP report only set</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a same-origin popup with a same-origin COOP report-only value, which
|
||||||
|
// would cause a browsing context group swap, hence a report is sent.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin",
|
||||||
|
"navigation-uri": `${location.href}`, // previous documnent url
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
|
// Open a cross-origin popup with a same-origin COOP report-only value, which
|
||||||
|
// would cause a browsing context group swap, hence a report is sent.
|
||||||
|
[
|
||||||
|
CROSS_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin",
|
||||||
|
"navigation-uri": `${location.origin}/`, // referrer (origin, as dictated by the referrer policy)
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1 @@
|
||||||
|
Referrer-Policy: origin
|
|
@ -0,0 +1,98 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>reporting same origin with report-to</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a cross-origin popup without any COOP setup, the current document
|
||||||
|
// (opener) report-only would cause a browsing context group swap, hence a
|
||||||
|
// report is sent to the corresponding endpoint.
|
||||||
|
[
|
||||||
|
CROSS_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": reportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next document URL
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
]
|
||||||
|
],
|
||||||
|
// Open a cross-origin popup with a same-origin COOP report-only value, which
|
||||||
|
// would cause a browsing context group swap, hence a report is sent to both
|
||||||
|
// endpoints.
|
||||||
|
[
|
||||||
|
CROSS_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": reportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next document URL
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin",
|
||||||
|
"navigation-uri": `${location.origin}/`, // referrer
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
|
// Open a same-origin popup with a same-origin COOP report-only value, the two
|
||||||
|
// COOP-report-only values match, hence no virtual browsing context group swap
|
||||||
|
// happens and no report is sent.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[]
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1,3 @@
|
||||||
|
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop-report-only-endpoint"
|
||||||
|
Referrer-Policy: origin
|
||||||
|
report-to: { "group": "coop-report-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-opener-policy/reporting/resources/report.py?endpoint=coop-report-endpoint" }] }, { "group": "coop-report-only-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-opener-policy/reporting/resources/report.py?endpoint=coop-report-only-endpoint" }]}
|
|
@ -0,0 +1,32 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>reporting same origin with report-to</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a cross-origin popup with COOP report-only with coep, which mismatches
|
||||||
|
// with the current document (opener) COOP (unsafe-none) and COOP report-only
|
||||||
|
// (same-origin) values.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"require-corp",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[]
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1,3 @@
|
||||||
|
Cross-Origin-Opener-Policy-Report-Only: same-origin
|
||||||
|
Cross-Origin-Embedder-Policy-Report-Only: require-corp
|
||||||
|
Referrer-Policy: origin
|
|
@ -0,0 +1,32 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>reporting same origin with report-to</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a cross-origin popup with COOP report-only with coep, which mismatches
|
||||||
|
// with the current document (opener) COOP (unsafe-none) and COOP report-only
|
||||||
|
// (same-origin) values.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"require-corp",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[]
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1,3 @@
|
||||||
|
Cross-Origin-Opener-Policy-Report-Only: same-origin
|
||||||
|
Cross-Origin-Embedder-Policy: require-corp
|
||||||
|
Referrer-Policy: origin
|
|
@ -0,0 +1,73 @@
|
||||||
|
|
||||||
|
<meta name=timeout content=long>
|
||||||
|
<title>reporting same origin with report-to</title>
|
||||||
|
<script src=/resources/testharness.js></script>
|
||||||
|
<script src=/resources/testharnessreport.js></script>
|
||||||
|
<script src="/common/get-host-info.sub.js"></script>
|
||||||
|
<script src="/common/utils.js"></script>
|
||||||
|
<script src="../../resources/common.js"></script>
|
||||||
|
<script src="../resources/dispatcher.js"></script>
|
||||||
|
<script src="../resources/reporting-common.js"></script>
|
||||||
|
|
||||||
|
<script>
|
||||||
|
|
||||||
|
let tests = [
|
||||||
|
// popup origin, popup COOP, popup COEP, popup COOP report-only, popup COEP report-only, expected reports
|
||||||
|
|
||||||
|
// Open a cross-origin popup with COOP report-only with coep, which mismatches
|
||||||
|
// with the current document (opener) COOP (unsafe-none) and COOP report-only
|
||||||
|
// (same-origin) values.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"require-corp",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": `${location.href}`,
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
|
// Open a cross-origin popup with COOP report-only with coep report-only,
|
||||||
|
// which mismatches with the current document (opener) COOP (unsafe-none) and
|
||||||
|
// COOP report-only (same-origin) values.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"require-corp",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": `${location.href}`,
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
|
];
|
||||||
|
|
||||||
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
||||||
|
</script>
|
|
@ -0,0 +1,2 @@
|
||||||
|
Cross-Origin-Opener-Policy-Report-Only: same-origin
|
||||||
|
Referrer-Policy: origin
|
|
@ -105,6 +105,69 @@ let tests = [
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
],
|
],
|
||||||
|
// Open a same-origin popup with a same-origin COOP report only. One report
|
||||||
|
// is sent to this page's endpoint, but none to the report-only endpoint.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportEndpoint.name}"`,
|
||||||
|
"require-corp",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": reportEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "enforce",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next destination url
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},]
|
||||||
|
],
|
||||||
|
// Open a cross-origin popup with a same-origin COOP report only. A report is
|
||||||
|
// sent to both this page's endpoint and the popup's.
|
||||||
|
[
|
||||||
|
CROSS_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"require-corp",
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"endpoint": reportEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "enforce",
|
||||||
|
"document-uri": `${location.href}`,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": /uuid=EXECUTOR_UUID$/, // next destination url
|
||||||
|
"violation-type": "navigation-from-document"
|
||||||
|
},
|
||||||
|
"url": `${location.href}`,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"endpoint": popupReportOnlyEndpoint,
|
||||||
|
"report": {
|
||||||
|
"body": {
|
||||||
|
"disposition": "reporting",
|
||||||
|
"document-uri": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"effective-policy": "same-origin-plus-coep",
|
||||||
|
"navigation-uri": `${location.origin}/`, // referrer (origin, as dictated by the referrer policy)
|
||||||
|
"violation-type": "navigation-to-document"
|
||||||
|
},
|
||||||
|
"url": /uuid=EXECUTOR_UUID$/,
|
||||||
|
"type": "coop"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
runNavigationReportingTests(document.title, tests);
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
|
@ -93,7 +93,17 @@ let tests = [
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
]
|
],
|
||||||
|
// Open a same-origin popup with a same-origin COOP Report only value, the
|
||||||
|
// report only matches the previous document COOP value, no report is sent.
|
||||||
|
[
|
||||||
|
SAME_ORIGIN,
|
||||||
|
"",
|
||||||
|
"",
|
||||||
|
`same-origin; report-to="${popupReportOnlyEndpoint.name}"`,
|
||||||
|
"",
|
||||||
|
[]
|
||||||
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
runNavigationReportingTests(document.title, tests);
|
runNavigationReportingTests(document.title, tests);
|
||||||
|
|
|
@ -1,7 +1,12 @@
|
||||||
import json, uuid
|
import json, uuid
|
||||||
|
|
||||||
def main(request, response):
|
def main(request, response):
|
||||||
|
response.headers.set('Access-Control-Allow-Origin', '*')
|
||||||
|
response.headers.set('Access-Control-Allow-Methods', 'OPTIONS, GET, POST')
|
||||||
|
response.headers.set('Access-Control-Allow-Headers', 'Content-Type')
|
||||||
response.headers.set('Cache-Control', 'no-cache, no-store, must-revalidate');
|
response.headers.set('Cache-Control', 'no-cache, no-store, must-revalidate');
|
||||||
|
if request.method == 'OPTIONS': # CORS preflight
|
||||||
|
return ''
|
||||||
|
|
||||||
key = 0;
|
key = 0;
|
||||||
if 'endpoint' in request.GET:
|
if 'endpoint' in request.GET:
|
||||||
|
|
|
@ -1,4 +1,3 @@
|
||||||
|
|
||||||
def main(request, response):
|
def main(request, response):
|
||||||
coop = request.GET.first("coop")
|
coop = request.GET.first("coop")
|
||||||
coopReportOnly = request.GET.first("coop-report-only") if "coop-report-only" in request.GET else ""
|
coopReportOnly = request.GET.first("coop-report-only") if "coop-report-only" in request.GET else ""
|
||||||
|
|
Загрузка…
Ссылка в новой задаче