<!DOCTYPE html>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src=/resources/testdriver.js></script>
<script src=/resources/testdriver-vendor.js></script>
<script src=/fetch/metadata/resources/helper.js></script>
<script src=/common/utils.js></script>
<body>
<script>
// The test
// 1. Creates a same-origin iframe
// 2. Adds to the iframe an unload handler that will
// trigger a request to <unload_request_url>/.../record-header.py...
// 3. Navigate the iframe to a cross-origin url (to data: url)
// 4. Waits until the request goes through
// 5. Verifies Sec-Fetch-Site request header of the request.
//
// This is a regression test for https://crbug.com/986577.
function create_test(unload_request_origin, expectations) {
async_test(t => {
// STEP 1: Create an iframe.
let nonce = token();
let key = "unload-test-" + nonce;
let url = unload_request_origin +
"/fetch/metadata/resources/record-header.py?file=" + key;
let i = document.createElement('iframe');
i.src = 'resources/unload-with-beacon.html';
i.onload = () => {
// STEP 2: Ask the iframe to add an unload handler.
i.contentWindow.postMessage(url, '*');
};
window.addEventListener('message', e => {
// STEP 3: Navigate the iframe away
i.contentWindow.location = 'data:text/html,DONE';
});
document.body.appendChild(i);
// STEPS 4 and 5: Wait for the beacon to go through and verify
// the request headers.
function wait_and_verify() {
t.step_timeout(() => {
fetch("resources/record-header.py?retrieve=true&file=" + key)
.then(response => response.text())
.then(text => t.step(() => {
if (text == 'No header has been recorded') {
wait_and_verify();
return;
}
assert_header_equals(text, expectations);
t.done();
}))
}, 200);
}
wait_and_verify();
}, "Fetch from an unload handler");
}
create_test("https://{{host}}:{{ports[https][0]}}", {
"site": "same-origin",
"user": "",
"mode": "no-cors",
"dest": "empty"
});
</script>
Codebase Browser
chromium