Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/referrer-policy-srcdoc.html 

<!DOCTYPE html>
<html>
  <head>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <meta name="referrer" content="origin">
  </head>
  <body>
  <script>
    async_test(function () {
      window.addEventListener("message", this.step_func(function (event) {
        if (event.data.test == "parent-referrer-policy") {
          assert_equals(document.location.origin + "/", event.data.referrer);
          this.done();
        }
      }));
    }, "srcdoc iframe uses parent's referrer policy");
  </script>
  <iframe srcdoc="<script src='resources/referrer-policy-srcdoc.php?test=parent-referrer-policy'></script>"></iframe>

  <script>
    async_test(function () {
      window.addEventListener("message", this.step_func(function (event) {
        if (event.data.test == "own-referrer-policy") {
          assert_equals(document.location.href, event.data.referrer);
          this.done();
        }
      }));
    }, "srcdoc iframe can have its own referrer policy");
  </script>
  <iframe srcdoc="<meta name='referrer' content='unsafe-url'><script src='resources/referrer-policy-srcdoc.php?test=own-referrer-policy'></script>"></iframe>

  <script>
    async_test(function () {
      window.addEventListener("message", this.step_func(function (event) {
        if (event.data.test == "srcdoc-within-srcdoc") {
          assert_equals(document.location.origin + "/", event.data.referrer);
          this.done();
        }
      }));
    }, "srcdoc iframe within srcdoc iframe uses root's referrer policy");
  </script>
  <iframe srcdoc="<iframe srcdoc='<script src=&quot;resources/referrer-policy-srcdoc.php?test=srcdoc-within-srcdoc&quot;></script>'></iframe>"></iframe>

  <script>
    async_test(function () {
      window.addEventListener("message", this.step_func(function (event) {
        if (event.data.test == "srcdoc-within-srcdoc-with-own-policy") {
          assert_equals(document.location.href, event.data.referrer);
          this.done();
        }
      }));
    }, "srcdoc iframe within srcdoc iframe with its own policy");
  </script>
  <iframe srcdoc="<meta name='referrer' content='unsafe-url'><iframe srcdoc='<script src=&quot;resources/referrer-policy-srcdoc.php?test=srcdoc-within-srcdoc-with-own-policy&quot;></script>'></iframe>"></iframe>

  </body>
</html>