Navigation: non-traditional about:srcdoc WPTs

This CL adds WPTs for some observable behavior (request referrer string resolution) defined for "about:srcdoc" documents, and ensures that the behavior is consistent between normal srcdoc documents and what I'm calling nontraditional srdoc documents, which are those created via: 1. `document.open()` 2. `javascript:` URL navigations See whatwg/html#9514. R=domenic@chromium.org Bug: N/A Change-Id: I62939511995f929f0ad4ce8c121172b1194e2b2e
web-platform-tests · Jul 17, 2023 · dcc92fb · dcc92fb
1 parent f789345
commit dcc92fb
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 0 deletions.
diff --git a/html/infrastructure/urls/terminology-0/nontraditional-about-srcdoc.html b/html/infrastructure/urls/terminology-0/nontraditional-about-srcdoc.html
@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Non-traditional about:srcdoc documents</title>
+<link rel="help" href="https://github.com/whatwg/html/issues/9514">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body>
+<script>
+promise_test(async t => {
+  const iframe = document.createElement('iframe');
+
+  const srcdocOpenPromise = new Promise(resolve => {
+    window.srcdocOpenResolve = resolve;
+  });
+
+  iframe.srcdoc = `
+    <body onload="document.open();window.parent.srcdocOpenResolve();"></body>`;
+  document.body.append(iframe);
+
+  await srcdocOpenPromise;
+  assert_equals(iframe.contentDocument.URL, 'about:srcdoc');
+
+  // Calling the `about:srcdoc` Window's `fetch()` like this uses that Window's
+  // environment settings object as the request's client, which is where the
+  // request's referrer comes from, per
+  // https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer.
+  //
+  // If this `document.open()`d srcdoc document is considered a proper
+  // `about:srcdoc` document, the referrer will not be `about:srcdoc`, but will
+  // instead come from the parent document.
+  let referrer = await iframe.contentWindow.fetch('resources/echo-referrer-text.py');
+  referrer = await referrer.text();
+  assert_equals(referrer, location.href);
+}, 'about:srcdoc with document.open() is treated like a normal about:srcdoc document');
+
+promise_test(async t => {
+  const iframe = document.createElement('iframe');
+
+  const javascriptURLPromise = new Promise(resolve => {
+    window.javascriptURLResolve = resolve;
+  });
+
+  iframe.srcdoc = `
+  <script>
+    location.href = "javascript:'<body onload=window.parent.javascriptURLResolve();>Document contents here</body>'";
+  </scr`+`ipt>`;
+  document.body.append(iframe);
+
+  // This promise will resolve as a result of script running in the *new*
+  // document that gets created by the `javascript:` URL.
+  await javascriptURLPromise;
+  assert_equals(iframe.contentDocument.URL, 'about:srcdoc');
+
+  // See the assertion in the first test in this file.
+  let referrer = await iframe.contentWindow.fetch('resources/echo-referrer-text.py');
+  referrer = await referrer.text();
+  assert_equals(referrer, location.href);
+}, 'about:srcdoc navigated via a `javascript:` URL is treated like a normal about:srcdoc document');
+</script>
+</body>
diff --git a/html/infrastructure/urls/terminology-0/resources/echo-referrer-text.py b/html/infrastructure/urls/terminology-0/resources/echo-referrer-text.py
@@ -0,0 +1,4 @@
+def main(request, response):
+    response_headers = [(b"Content-Type", b"text/plain")]
+    body = b"%s"% request.headers.get(b"referer", b"")
+    return (200, response_headers, body)