blob: 6b6de1741e21c8f87dfe695dbb94551dd0d44b3f [file] [log] [blame]
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<script src="/js-test-resources/js-test.js"></script>
<script src="resources/util.js"></script>
</head>
<body>
<script>
description("Tests that blocking is not removed mid-flight in redirects.");
jsTestIsAsync = true;
const partitionHost = "127.0.0.1:8000";
const thirdPartyOrigin = "http://localhost:8000";
const resourcePath = "/resourceLoadStatistics/resources";
const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath;
const firstPartyCookieNamePrefix = "firstPartyCookie";
const firstPartyCookieNameIP = firstPartyCookieNamePrefix + "IP";
const firstPartyCookieNameLocalhost = firstPartyCookieNamePrefix + "Localhost";
const thirdPartyCookieName = "thirdPartyCookie";
const subPathToSetThirdPartyCookie = "/set-cookie.php?name=" + thirdPartyCookieName + "&value=value";
const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieNameIP + "&name2=" + firstPartyCookieNameLocalhost + "&name3=" + thirdPartyCookieName;
const redirectChainUrl = thirdPartyOrigin + resourcePath + "/redirect.php?redirectTo=http://" + partitionHost + resourcePath + subPathToGetCookies;
function openIframe(url, onLoadHandler) {
const element = document.createElement("iframe");
element.src = url;
if (onLoadHandler) {
element.onload = onLoadHandler;
}
document.body.appendChild(element);
}
function runTest() {
switch (document.location.hash) {
case "#step1":
// Set first-party cookies for 127.0.0.1 and localhost.
if (document.location.origin === thirdPartyOrigin) {
document.cookie = firstPartyCookieNameLocalhost + "=localhost;path='/'";
document.location.href = "http://127.0.0.1:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step2";
} else {
document.cookie = firstPartyCookieNameIP + "=127.0.0.1;path='/'";
document.location.href = "http://localhost:8000/resourceLoadStatistics/do-not-remove-blocking-in-redirect.html#step1";
}
break;
case "#step2":
// Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent.
document.location.hash = "step3";
openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie for localhost.", runTest);
break;
case "#step3":
document.location.hash = "step4";
// Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie for 127.0.0.1.", runTest);
break;
case "#step4":
// Set localhost as prevalent to put it in the blocking category.
document.location.hash = "step5";
testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() {
if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
testFailed("Host did not get set as prevalent resource.");
testRunner.statisticsUpdateCookieBlocking(runTest);
});
break;
case "#step5":
// Try to set partitioned cookie for localhost under 127.0.0.1.
document.location.hash = "step6";
openIframe(thirdPartyBaseUrl + subPathToSetThirdPartyCookie + "&message=Try to set third-party cookie for localhost in blocked mode.", runTest);
break;
case "#step6":
// Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked.
document.location.hash = "step7";
openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive no cookie.", runTest);
break;
case "#step7":
// Load an iframe in a redirect chain that starts with localhost and ends with 127.0.0.1. Expect a cookie for 127.0.0.1.
document.location.hash = "step8";
openIframe(redirectChainUrl + "&message=Redirect case 2, should not receive first-party cookie for 127.0.0.1.", runTest);
break;
case "#step8":
setEnableFeature(false, finishJSTest);
break;
}
}
if (document.location.hash === "") {
setEnableFeature(true, function() {
if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin))
testFailed("Localhost was classified as prevalent resource before the test starts.");
testRunner.dumpChildFramesAsText();
document.location.hash = "step1";
runTest();
});
} else {
runTest();
}
</script>
</body>
</html>