| <title> |
| COOP reports are sent when the openee used COOP-RO+COEP and then its |
| same-origin opener tries to access it. |
| </title> |
| <meta name=timeout content=long> |
| <script src=/resources/testharness.js></script> |
| <script src=/resources/testharnessreport.js></script> |
| <script src=/common/get-host-info.sub.js></script> |
| <script src="/common/utils.js"></script> |
| <script src="../resources/dispatcher.js"></script> |
| <script src="../resources/try-access.js"></script> |
| <script> |
| |
| const directory = "/html/cross-origin-opener-policy/reporting"; |
| const executor_path = directory + "/resources/executor.html?pipe="; |
| const redirect_path = directory + "/resources/redirect.py?"; |
| const same_origin = get_host_info().HTTPS_ORIGIN; |
| const coep_header = '|header(Cross-Origin-Embedder-Policy,require-corp)'; |
| |
| let runTest = (openee_redirect, name) => promise_test(async t => { |
| const report_token = token(); |
| const openee_token = token(); |
| const opener_token = token(); // The current test window. |
| |
| const opener_url = location.href; |
| |
| const reportTo = reportToHeaders(report_token); |
| const openee_url = same_origin + executor_path + reportTo.header + |
| reportTo.coopReportOnlySameOriginHeader + coep_header + |
| `&uuid=${openee_token}`; |
| const openee_redirect_url = same_origin + redirect_path + openee_url |
| const openee_requested_url = openee_redirect ? openee_redirect_url |
| : openee_url; |
| |
| |
| const openee = window.open(openee_requested_url); |
| t.add_cleanup(() => send(openee_token, "window.close()")) |
| |
| // 1. Make sure the new document to be loaded. |
| send(openee_token, ` |
| send("${opener_token}", "Ready"); |
| `); |
| let reply = await receive(opener_token); |
| assert_equals(reply, "Ready"); |
| |
| // 2. Try to access the openee. A report is sent, because of COOP-RO+COEP. |
| tryAccess(openee); |
| |
| // 3. Check a report is sent to the openee. |
| let report = |
| await receiveReport(report_token, "access-to-coop-page-from-opener") |
| assert_equals(report.type, "coop"); |
| assert_equals(report.url, openee_url.replace(/"/g, '%22')); |
| assert_equals(report.body.disposition, "reporting"); |
| assert_equals(report.body.effectivePolicy, "same-origin-plus-coep"); |
| assert_equals(report.body.property, "blur"); |
| assert_source_location_missing(report); |
| assert_equals(report.body.openerURL, opener_url); |
| assert_equals(report.body.openeeURL, undefined); |
| assert_equals(report.body.otherDocumentURL, undefined); |
| assert_equals(report.body.referrer, opener_url); |
| assert_equals(report.body.initialPopupURL, undefined); |
| }, name); |
| |
| runTest(false, "access-to-coop-page-from-opener, same-origin"); |
| runTest(true , "access-to-coop-page-from-opener, same-origin + redirect"); |
| |
| </script> |