Source code
Revision control
Copy as Markdown
Other Tools
<!DOCTYPE html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="support/navigation-support.js"></script>
</head>
<body>
<script>
"use strict";
function violationMessage(sample) {
return e => {
const result = (e.data.effectiveDirective == "require-trusted-types-for" &&
(!sample || e.data.sample.startsWith(sample)));
if (result) {
assert_true(true, "Expected violation as message: " + sample);
}
return result;
};
}
function loadedMessage(searchParams, originAndPathName) {
return e => {
if (e.data.type != "DOMContentLoaded") {
return false;
}
let url = new URL(e.data.uri);
if (!url.pathname.endsWith(originAndPathName)) {
return false;
}
let keys = Object.keys(searchParams);
if (url.searchParams.size != keys.length ||
!keys.every(key =>
url.searchParams.get(key) === searchParams[key].toString())) {
return false;
}
assert_true(true, `Expected loaded as message: ${joinToHref(searchParams, originAndPathName)}`);
return true;
};
}
function openWindowAndWaitMessages(test, uri, expectedMessages) {
const win = window.open(uri);
let messageSeen = (new Array(expectedMessages.length)).fill(false);
return new Promise((resolve, reject) => {
function listener(e) {
let receivedUnexpectedMessage = true;
expectedMessages.forEach((message, index) => {
if (message(e)) {
receivedUnexpectedMessage = false;
if (!messageSeen[index]) {
messageSeen[index] = true;
if (messageSeen.every(seen => seen)) {
resolve();
}
}
}
});
if (receivedUnexpectedMessage) {
reject(`Unexpected message received: ${JSON.stringify(e.data)}`);
}
}
test.add_cleanup(_ => {
window.removeEventListener("message", listener);
win.close();
});
window.addEventListener("message", listener);
});
}
const kFormSubmission = "form-submission";
// When adding more elements, adapt all functions consuming the existing elements.
const kNavigationElements =
[
"anchor",
kFormSubmission,
];
function maybeAddFormSubmissionToSearchParams(navigationElement, searchParams) {
return Object.assign(
navigationElement == kFormSubmission ? {kFormSubmission: 1} : {},
searchParams);
}
function joinToHref(searchParams, originAndPathName) {
let urlSearchParams = new URLSearchParams(searchParams);
if (urlSearchParams.size > 0) {
return originAndPathName + "?" + urlSearchParams.toString();
}
return originAndPathName;
}
const kNavigationSupport = "navigation-support.html";
const kNavigationSupportReportOnly = "navigation-report-only-support.html";
for (const navigationElement of kNavigationElements) {
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupport)}`, [
loadedMessage(params, kNavigationSupport),
violationMessage("Location href"),
]);
}, `Navigate a window via ${navigationElement} with javascript:-urls in enforcing mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {defaultpolicy: 1});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupport)}`, [
loadedMessage(params, kNavigationSupport),
loadedMessage(Object.assign({navigationattempted: 1, defaultpolicywashere: 1}, params), kNavigationSupport),
]);
}, `Navigate a window via ${navigationElement} with javascript:-urls w/ default policy in enforcing mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupportReportOnly)}`, [
loadedMessage(params, kNavigationSupportReportOnly),
violationMessage("Location href"),
loadedMessage(Object.assign({navigationattempted: 1, continue: 1}, params), kNavigationSupport),
]);
}, `Navigate a window via ${navigationElement} with javascript:-urls in report-only mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {defaultpolicy: 1});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupportReportOnly)}`, [
loadedMessage(params, kNavigationSupportReportOnly),
loadedMessage(Object.assign({navigationattempted: 1, defaultpolicywashere: 1}, params), kNavigationSupport),
]);
}, `Navigate a window via ${navigationElement} with javascript:-urls w/ default policy in report-only mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {frame: 1});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupport)}`, [
loadedMessage(params, kNavigationSupport),
violationMessage("Location href"),
]);
}, `Navigate a frame via ${navigationElement} with javascript:-urls in enforcing mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement,
{defaultpolicy: 1, frame: 1});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupport)}`, [
loadedMessage(params, kNavigationSupport),
loadedMessage(Object.assign({navigationattempted: 1, defaultpolicywashere: 1}, params), kNavigationSupport),
]);
}, `Navigate a frame via ${navigationElement} with javascript:-urls w/ default policy in enforcing mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement, {frame: 1})
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupportReportOnly)}`, [
loadedMessage(params, kNavigationSupportReportOnly),
violationMessage("Location href"),
loadedMessage(Object.assign({navigationattempted: 1, continue: 1}, params), kNavigationSupport),
]);
}, `Navigate a frame via ${navigationElement} with javascript:-urls in report-only mode.`);
promise_test(t => {
const params = maybeAddFormSubmissionToSearchParams(navigationElement,
{defaultpolicy: 1, frame: 1});
return openWindowAndWaitMessages(t, `support/${joinToHref(params, kNavigationSupportReportOnly)}`, [
loadedMessage(params, kNavigationSupportReportOnly),
loadedMessage(Object.assign({navigationattempted: 1, defaultpolicywashere: 1}, params), kNavigationSupport),
]);
}, `Navigate a frame via ${navigationElement} with javascript:-urls w/ default policy in report-only mode.`);
}
</script>
</body>