| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <meta charset="UTF-8"> |
| <script src="/js-test-resources/js-test.js"></script> |
| <script src="resources/util.js"></script> |
| </head> |
| <body> |
| <script> |
| description("Tests that blocking is added mid-flight in redirects."); |
| jsTestIsAsync = true; |
| |
| const partitionHost = "127.0.0.1:8000"; |
| const thirdPartyOrigin = "http://localhost:8000"; |
| const resourcePath = "/resourceLoadStatistics/resources"; |
| const thirdPartyBaseUrl = thirdPartyOrigin + resourcePath; |
| const firstPartyCookieName = "firstPartyCookie"; |
| const subPathToSetFirstPartyCookie = "/set-cookie.php?name=" + firstPartyCookieName + "&value=value"; |
| const partitionedCookieName = "partitionedCookie"; |
| const subPathToSetPartitionedCookie = "/set-cookie.php?name=" + partitionedCookieName + "&value=value"; |
| const returnUrl = "http://" + partitionHost + "/resourceLoadStatistics/add-blocking-to-redirect.html"; |
| const subPathToGetCookies = "/get-cookies.php?name1=" + firstPartyCookieName + "&name2=" + partitionedCookieName; |
| const redirectChainUrl = "http://" + partitionHost + resourcePath + "/redirect.php?redirectTo=" + thirdPartyBaseUrl + subPathToGetCookies; |
| |
| function openIframe(url, onLoadHandler) { |
| const element = document.createElement("iframe"); |
| element.src = url; |
| if (onLoadHandler) { |
| element.onload = onLoadHandler; |
| } |
| document.body.appendChild(element); |
| } |
| |
| function runTest() { |
| switch (document.location.hash) { |
| case "#step1": |
| // Set first-party cookie for localhost. |
| document.location.href = thirdPartyBaseUrl + subPathToSetFirstPartyCookie + "#" + returnUrl + "#step2"; |
| break; |
| case "#step2": |
| // Check that the cookie gets sent for localhost under 127.0.0.1 since localhost is not prevalent. |
| document.location.hash = "step3"; |
| openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive first-party cookie.", runTest); |
| break; |
| case "#step3": |
| document.location.hash = "step4"; |
| // Load an iframe in a redirect chain that starts with 127.0.0.1 and ends with localhost. Expect a cookie for localhost. |
| openIframe(redirectChainUrl + "&message=Redirect case 1, should receive first-party cookie.", runTest); |
| break; |
| case "#step4": |
| // Set localhost as prevalent to put it in the blocking category. |
| document.location.hash = "step5"; |
| testRunner.setStatisticsPrevalentResource(thirdPartyOrigin, true, function() { |
| if (!testRunner.isStatisticsPrevalentResource(thirdPartyOrigin)) |
| testFailed("Host did not get set as prevalent resource."); |
| testRunner.statisticsUpdateCookieBlocking(runTest); |
| }); |
| break; |
| case "#step5": |
| // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked. |
| document.location.hash = "step6"; |
| openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=Should receive no cookies.", runTest); |
| break; |
| case "#step6": |
| // Load an iframe in a redirect chain that starts with 127.0.0.1 and ends with localhost. Expect no cookie for localhost. |
| document.location.hash = "step7"; |
| openIframe(redirectChainUrl + "&message=Redirect case 2, should receive no cookie.", runTest); |
| break; |
| case "#step7": |
| // Try to set cookie for localhost under 127.0.0.1. |
| document.location.hash = "step8"; |
| openIframe(thirdPartyBaseUrl + subPathToSetPartitionedCookie + "&message=Try to set third-party cookie in blocked mode.", runTest); |
| break; |
| case "#step8": |
| // Check that no cookie gets sent for localhost under 127.0.0.1 since localhost's cookies are blocked. |
| document.location.hash = "step9"; |
| openIframe(thirdPartyBaseUrl + subPathToGetCookies + "&message=After attempted cookie creation, should receive no cookie.", runTest); |
| break; |
| case "#step9": |
| // Load an iframe in a redirect chain that starts with 127.0.0.1 and ends with localhost. Expect no cookie for localhost. |
| document.location.hash = "step10"; |
| openIframe(redirectChainUrl + "&message=Redirect case 3, after attempted cookie creation, should receive no cookie.", runTest); |
| break; |
| case "#step10": |
| setEnableFeature(false, finishJSTest); |
| break; |
| } |
| } |
| |
| if (document.location.hash === "") { |
| testRunner.setUseITPDatabase(true); |
| setEnableFeature(true, function () { |
| if (testRunner.isStatisticsPrevalentResource(thirdPartyOrigin)) |
| testFailed("Localhost was classified as prevalent resource before the test starts."); |
| testRunner.dumpChildFramesAsText(); |
| document.location.hash = "step1"; |
| runTest(); |
| }); |
| } else { |
| runTest(); |
| } |
| </script> |
| </body> |
| </html> |