1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include "base/command_line.h"
8 #include "base/functional/bind.h"
9 #include "base/strings/string_number_conversions.h"
10 #include "base/strings/stringprintf.h"
11 #include "base/strings/utf_string_conversions.h"
12 #include "base/synchronization/lock.h"
13 #include "base/thread_annotations.h"
14 #include "build/build_config.h"
15 #include "build/chromeos_buildflags.h"
16 #include "chrome/app/chrome_command_ids.h"
17 #include "chrome/browser/browser_process.h"
18 #include "chrome/browser/net/system_network_context_manager.h"
19 #include "chrome/browser/renderer_context_menu/render_view_context_menu.h"
20 #include "chrome/browser/renderer_context_menu/render_view_context_menu_browsertest_util.h"
21 #include "chrome/browser/ui/browser.h"
22 #include "chrome/browser/ui/browser_commands.h"
23 #include "chrome/browser/ui/tabs/tab_strip_model.h"
24 #include "chrome/common/chrome_features.h"
25 #include "chrome/common/pref_names.h"
26 #include "chrome/test/base/in_process_browser_test.h"
27 #include "chrome/test/base/ui_test_utils.h"
28 #include "components/prefs/pref_service.h"
29 #include "content/public/browser/browser_thread.h"
30 #include "content/public/browser/navigation_controller.h"
31 #include "content/public/browser/navigation_entry.h"
32 #include "content/public/browser/render_view_host.h"
33 #include "content/public/browser/render_widget_host.h"
34 #include "content/public/browser/storage_partition.h"
35 #include "content/public/browser/web_contents.h"
36 #include "content/public/common/content_features.h"
37 #include "content/public/test/browser_test.h"
38 #include "content/public/test/browser_test_utils.h"
39 #include "net/base/features.h"
40 #include "net/test/embedded_test_server/http_request.h"
41 #include "services/network/public/mojom/referrer_policy.mojom-shared.h"
42 #include "third_party/blink/public/common/features.h"
43 #include "third_party/blink/public/common/input/web_input_event.h"
44 #include "third_party/blink/public/common/input/web_mouse_event.h"
45 #include "third_party/blink/public/common/loader/referrer_utils.h"
46 #include "third_party/blink/public/common/switches.h"
47 #include "ui/base/page_transition_types.h"
48 #include "ui/base/window_open_disposition.h"
50 class ReferrerPolicyTest : public InProcessBrowserTest {
52 ReferrerPolicyTest() : https_server_(net::EmbeddedTestServer::TYPE_HTTPS) {
53 // Subclasses might want to verify the requests that arrive at servers;
54 // register a default no-op handler that subclasses may override.
55 embedded_test_server()->RegisterRequestMonitor(base::BindRepeating(
56 &ReferrerPolicyTest::OnServerIncomingRequest, base::Unretained(this)));
57 https_server_.RegisterRequestMonitor(base::BindRepeating(
58 &ReferrerPolicyTest::OnServerIncomingRequest, base::Unretained(this)));
60 https_server_.AddDefaultHandlers(GetChromeTestDataDir());
61 EXPECT_TRUE(embedded_test_server()->Start());
62 EXPECT_TRUE(https_server_.Start());
64 ~ReferrerPolicyTest() override = default;
66 enum ExpectedReferrer {
67 EXPECT_EMPTY_REFERRER,
69 EXPECT_ORIGIN_AS_REFERRER
72 void SetUpCommandLine(base::CommandLine* command_line) override {
73 // Some builders are flaky due to slower loading interacting
74 // with deferred commits.
75 command_line->AppendSwitch(blink::switches::kAllowPreCommitInput);
79 // Callback to verify that HTTP requests have the correct headers;
80 // currently, (See the comment on RequestCheck, below.)
81 virtual void OnServerIncomingRequest(
82 const net::test_server::HttpRequest& request) {
83 base::AutoLock lock(check_on_requests_lock_);
84 if (!check_on_requests_)
87 if (request.relative_url != check_on_requests_->destination_url_to_match)
90 auto it = request.headers.find("Referer");
92 if (check_on_requests_->expected_spec.empty()) {
93 EXPECT_TRUE(it == request.headers.end()) << it->second;
95 EXPECT_TRUE(it != request.headers.end());
96 if (it != request.headers.end())
97 EXPECT_EQ(it->second, check_on_requests_->expected_spec);
101 // Returns the expected title for the tab with the given (full) referrer and
102 // the expected modification of it.
103 std::u16string GetExpectedTitle(const GURL& url,
104 ExpectedReferrer expected_referrer) {
105 std::string referrer;
106 switch (expected_referrer) {
107 case EXPECT_EMPTY_REFERRER:
108 referrer = "Referrer is empty";
110 case EXPECT_FULL_REFERRER:
111 referrer = "Referrer is " + url.spec();
113 case EXPECT_ORIGIN_AS_REFERRER:
114 referrer = "Referrer is " + url.GetWithEmptyPath().spec();
117 return base::ASCIIToUTF16(referrer);
120 // Adds all possible titles to the TitleWatcher, so we don't time out
121 // waiting for the title if the test fails.
122 void AddAllPossibleTitles(const GURL& url,
123 content::TitleWatcher* title_watcher) {
124 title_watcher->AlsoWaitForTitle(
125 GetExpectedTitle(url, EXPECT_EMPTY_REFERRER));
126 title_watcher->AlsoWaitForTitle(
127 GetExpectedTitle(url, EXPECT_FULL_REFERRER));
128 title_watcher->AlsoWaitForTitle(
129 GetExpectedTitle(url, EXPECT_ORIGIN_AS_REFERRER));
132 enum StartOnProtocol { START_ON_HTTP, START_ON_HTTPS, };
134 enum LinkType { REGULAR_LINK, LINK_WITH_TARGET_BLANK, };
137 NO_REDIRECT, // direct navigation via HTTP
138 HTTPS_NO_REDIRECT, // direct navigation via HTTPS
139 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
140 SERVER_REDIRECT_FROM_HTTP_TO_HTTP,
141 SERVER_REDIRECT_FROM_HTTP_TO_HTTPS
144 enum RendererOrBrowserInitiated { RENDERER_INITIATED, BROWSER_INITIATED };
146 // Navigates from a page with a given |referrer_policy| and checks that the
147 // reported referrer matches the expectation.
149 // referrer_policy: The referrer policy to test.
150 // start_protocol: The protocol the test should start on.
151 // link_type: The link type that is used to trigger the navigation.
152 // redirect: Whether the link target should redirect and how.
153 // disposition: The disposition for the navigation.
154 // button: If not WebMouseEvent::Button::NoButton, click on the
155 // link with the specified mouse button.
156 // expected_referrer: The kind of referrer to expect.
157 // expected_referrer_policy: The expected referrer policy of the activity.
158 // renderer_or_browser_initiated: If BROWSER_INITIATED, uses Navigate() to
159 // load in the current WebContents and disregards the value of |button|.
162 // The URL of the first page navigated to.
163 GURL RunReferrerTest(const network::mojom::ReferrerPolicy referrer_policy,
164 StartOnProtocol start_protocol,
166 RedirectType redirect,
167 WindowOpenDisposition disposition,
168 blink::WebMouseEvent::Button button,
169 ExpectedReferrer expected_referrer,
170 network::mojom::ReferrerPolicy expected_referrer_policy,
171 RendererOrBrowserInitiated
172 renderer_or_browser_initiated = RENDERER_INITIATED) {
176 redirect_url = embedded_test_server()->GetURL(
177 "/referrer_policy/referrer-policy-log.html");
179 case HTTPS_NO_REDIRECT:
181 https_server_.GetURL("/referrer_policy/referrer-policy-log.html");
183 case SERVER_REDIRECT_FROM_HTTPS_TO_HTTP:
184 redirect_url = https_server_.GetURL(
185 std::string("/server-redirect?") +
186 embedded_test_server()
187 ->GetURL("/referrer_policy/referrer-policy-log.html")
190 case SERVER_REDIRECT_FROM_HTTP_TO_HTTP:
191 redirect_url = embedded_test_server()->GetURL(
192 std::string("/server-redirect?") +
193 embedded_test_server()
194 ->GetURL("/referrer_policy/referrer-policy-log.html")
197 case SERVER_REDIRECT_FROM_HTTP_TO_HTTPS:
198 redirect_url = embedded_test_server()->GetURL(
199 std::string("/server-redirect?") +
200 https_server_.GetURL("/referrer_policy/referrer-policy-log.html")
205 std::string relative_url =
206 std::string("/referrer_policy/referrer-policy-start.html?") +
207 "policy=" + content::ReferrerPolicyToString(referrer_policy) +
208 "&redirect=" + redirect_url.spec() + "&link=" +
209 ((button == blink::WebMouseEvent::Button::kNoButton &&
210 renderer_or_browser_initiated == RENDERER_INITIATED)
213 "&target=" + (link_type == LINK_WITH_TARGET_BLANK ? "_blank" : "");
215 auto* start_test_server = start_protocol == START_ON_HTTPS
217 : embedded_test_server();
218 const GURL start_url = start_test_server->GetURL(relative_url);
220 ui_test_utils::AllBrowserTabAddedWaiter add_tab;
222 std::u16string expected_title =
223 GetExpectedTitle(start_url, expected_referrer);
224 content::WebContents* tab =
225 browser()->tab_strip_model()->GetActiveWebContents();
226 content::TitleWatcher title_watcher(tab, expected_title);
228 std::string expected_referrer_value;
229 if (expected_referrer != EXPECT_EMPTY_REFERRER) {
230 expected_referrer_value =
231 base::UTF16ToASCII(expected_title)
232 .substr(base::StringPiece("Referrer is ").size());
234 base::ReleasableAutoLock releaseable_lock(&check_on_requests_lock_);
235 check_on_requests_ = RequestCheck{
236 expected_referrer_value, "/referrer_policy/referrer-policy-log.html"};
237 releaseable_lock.Release();
239 // Watch for all possible outcomes to avoid timeouts if something breaks.
240 AddAllPossibleTitles(start_url, &title_watcher);
242 EXPECT_TRUE(ui_test_utils::NavigateToURL(browser(), start_url));
244 if (renderer_or_browser_initiated == BROWSER_INITIATED) {
245 CHECK(disposition == WindowOpenDisposition::CURRENT_TAB);
246 NavigateParams params(browser(), redirect_url, ui::PAGE_TRANSITION_LINK);
247 params.referrer = content::Referrer(
248 tab->GetController().GetVisibleEntry()->GetURL(), referrer_policy);
249 params.source_contents = tab;
250 ui_test_utils::NavigateToURL(¶ms);
251 } else if (button != blink::WebMouseEvent::Button::kNoButton) {
252 blink::WebMouseEvent mouse_event(
253 blink::WebInputEvent::Type::kMouseDown,
254 blink::WebInputEvent::kNoModifiers,
255 blink::WebInputEvent::GetStaticTimeStampForTests());
256 mouse_event.button = button;
257 mouse_event.SetPositionInWidget(15, 15);
258 mouse_event.click_count = 1;
259 tab->GetPrimaryMainFrame()
260 ->GetRenderViewHost()
262 ->ForwardMouseEvent(mouse_event);
263 mouse_event.SetType(blink::WebInputEvent::Type::kMouseUp);
264 tab->GetPrimaryMainFrame()
265 ->GetRenderViewHost()
267 ->ForwardMouseEvent(mouse_event);
270 if (disposition == WindowOpenDisposition::CURRENT_TAB) {
271 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle());
273 tab = add_tab.Wait();
275 content::TitleWatcher title_watcher2(tab, expected_title);
277 // Watch for all possible outcomes to avoid timeouts if something breaks.
278 AddAllPossibleTitles(start_url, &title_watcher2);
280 EXPECT_EQ(expected_title, title_watcher2.WaitAndGetTitle());
283 EXPECT_EQ(expected_referrer_policy,
284 tab->GetController().GetVisibleEntry()->GetReferrer().policy);
286 base::AutoLock lock(check_on_requests_lock_);
287 check_on_requests_.reset();
292 // Shorthand for cases where |referrer_policy| is the expected policy.
293 GURL RunReferrerTest(const network::mojom::ReferrerPolicy referrer_policy,
294 StartOnProtocol start_protocol,
296 RedirectType redirect,
297 WindowOpenDisposition disposition,
298 blink::WebMouseEvent::Button button,
299 ExpectedReferrer expected_referrer) {
300 return RunReferrerTest(referrer_policy, start_protocol, link_type, redirect,
301 disposition, button, expected_referrer,
305 net::EmbeddedTestServer https_server_;
307 // If "check_on_requests_" is set, for each HTTP request that arrives at
308 // either of the embedded test servers ("embedded_test_server()" and
309 // "https_server_"), if the relative URL equals that stored in
310 // "destination_url_to_match", OnServerIncomingRequest will assert
311 // that the provided Referer header's value equals the value of
313 struct RequestCheck {
314 std::string expected_spec;
315 std::string destination_url_to_match;
318 base::Lock check_on_requests_lock_;
319 absl::optional<RequestCheck> check_on_requests_
320 GUARDED_BY(check_on_requests_lock_);
323 // The basic behavior of referrer policies is covered by layout tests in
324 // http/tests/security/referrer-policy-*. These tests cover (hopefully) all
325 // code paths chrome uses to navigate. To keep the number of combinations down,
326 // we only test the "origin" policy here.
328 // Content initiated navigation, from HTTP to HTTP.
329 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, Origin) {
330 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
331 REGULAR_LINK, NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
332 blink::WebMouseEvent::Button::kNoButton,
333 EXPECT_ORIGIN_AS_REFERRER);
336 // Content initiated navigation, from HTTPS to HTTP.
337 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsDefault) {
338 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
339 REGULAR_LINK, NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
340 blink::WebMouseEvent::Button::kNoButton,
341 EXPECT_ORIGIN_AS_REFERRER);
344 // User initiated navigation, from HTTP to HTTP.
345 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, LeftClickOrigin) {
346 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
347 REGULAR_LINK, NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
348 blink::WebMouseEvent::Button::kLeft,
349 EXPECT_ORIGIN_AS_REFERRER);
352 // User initiated navigation, from HTTPS to HTTP.
353 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsLeftClickOrigin) {
354 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
355 REGULAR_LINK, NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
356 blink::WebMouseEvent::Button::kLeft,
357 EXPECT_ORIGIN_AS_REFERRER);
360 // User initiated navigation, middle click, from HTTP to HTTP.
361 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MiddleClickOrigin) {
363 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP, REGULAR_LINK,
364 NO_REDIRECT, WindowOpenDisposition::NEW_BACKGROUND_TAB,
365 blink::WebMouseEvent::Button::kMiddle, EXPECT_ORIGIN_AS_REFERRER);
368 // User initiated navigation, middle click, from HTTPS to HTTP.
369 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsMiddleClickOrigin) {
371 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
372 NO_REDIRECT, WindowOpenDisposition::NEW_BACKGROUND_TAB,
373 blink::WebMouseEvent::Button::kMiddle, EXPECT_ORIGIN_AS_REFERRER);
376 // User initiated navigation, target blank, from HTTP to HTTP.
377 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, TargetBlankOrigin) {
378 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
379 LINK_WITH_TARGET_BLANK, NO_REDIRECT,
380 WindowOpenDisposition::NEW_FOREGROUND_TAB,
381 blink::WebMouseEvent::Button::kLeft,
382 EXPECT_ORIGIN_AS_REFERRER);
385 // User initiated navigation, target blank, from HTTPS to HTTP.
386 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsTargetBlankOrigin) {
387 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
388 LINK_WITH_TARGET_BLANK, NO_REDIRECT,
389 WindowOpenDisposition::NEW_FOREGROUND_TAB,
390 blink::WebMouseEvent::Button::kLeft,
391 EXPECT_ORIGIN_AS_REFERRER);
394 // User initiated navigation, middle click, target blank, from HTTP to HTTP.
395 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MiddleClickTargetBlankOrigin) {
396 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
397 LINK_WITH_TARGET_BLANK, NO_REDIRECT,
398 WindowOpenDisposition::NEW_FOREGROUND_TAB,
399 blink::WebMouseEvent::Button::kMiddle,
400 EXPECT_ORIGIN_AS_REFERRER);
403 // User initiated navigation, middle click, target blank, from HTTPS to HTTP.
404 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsMiddleClickTargetBlankOrigin) {
405 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
406 LINK_WITH_TARGET_BLANK, NO_REDIRECT,
407 WindowOpenDisposition::NEW_FOREGROUND_TAB,
408 blink::WebMouseEvent::Button::kMiddle,
409 EXPECT_ORIGIN_AS_REFERRER);
412 // Context menu, from HTTP to HTTP.
413 // TODO(crbug.com/1269942): Flaky on Lacros.
414 #if BUILDFLAG(IS_CHROMEOS_LACROS)
415 #define MAYBE_ContextMenuOrigin DISABLED_ContextMenuOrigin
417 #define MAYBE_ContextMenuOrigin ContextMenuOrigin
419 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MAYBE_ContextMenuOrigin) {
420 ContextMenuNotificationObserver context_menu_observer(
421 IDC_CONTENT_CONTEXT_OPENLINKNEWTAB);
423 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP, REGULAR_LINK,
424 NO_REDIRECT, WindowOpenDisposition::NEW_FOREGROUND_TAB,
425 blink::WebMouseEvent::Button::kRight, EXPECT_ORIGIN_AS_REFERRER);
428 // Context menu, from HTTPS to HTTP.
429 // TODO(crbug.com/1269041): Fix flakiness on Linux and Lacros then reenable.
430 #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)
431 #define MAYBE_HttpsContextMenuOrigin DISABLED_HttpsContextMenuOrigin
433 #define MAYBE_HttpsContextMenuOrigin HttpsContextMenuOrigin
435 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MAYBE_HttpsContextMenuOrigin) {
436 ContextMenuNotificationObserver context_menu_observer(
437 IDC_CONTENT_CONTEXT_OPENLINKNEWTAB);
439 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
440 NO_REDIRECT, WindowOpenDisposition::NEW_FOREGROUND_TAB,
441 blink::WebMouseEvent::Button::kRight, EXPECT_ORIGIN_AS_REFERRER);
444 // Content initiated navigation, from HTTP to HTTP via server redirect.
445 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, Redirect) {
447 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP, REGULAR_LINK,
448 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
449 blink::WebMouseEvent::Button::kNoButton, EXPECT_ORIGIN_AS_REFERRER);
452 // Content initiated navigation, from HTTPS to HTTP via server redirect.
453 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsRedirect) {
455 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
456 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
457 blink::WebMouseEvent::Button::kNoButton, EXPECT_ORIGIN_AS_REFERRER);
460 // User initiated navigation, from HTTP to HTTP via server redirect.
461 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, LeftClickRedirect) {
463 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP, REGULAR_LINK,
464 SERVER_REDIRECT_FROM_HTTP_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
465 blink::WebMouseEvent::Button::kLeft, EXPECT_ORIGIN_AS_REFERRER);
468 // User initiated navigation, from HTTPS to HTTP via server redirect.
469 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsLeftClickRedirect) {
471 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
472 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
473 blink::WebMouseEvent::Button::kLeft, EXPECT_ORIGIN_AS_REFERRER);
476 // User initiated navigation, middle click, from HTTP to HTTP via server
478 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MiddleClickRedirect) {
479 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
480 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
481 WindowOpenDisposition::NEW_BACKGROUND_TAB,
482 blink::WebMouseEvent::Button::kMiddle,
483 EXPECT_ORIGIN_AS_REFERRER);
486 // User initiated navigation, middle click, from HTTPS to HTTP via server
488 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsMiddleClickRedirect) {
489 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
490 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
491 WindowOpenDisposition::NEW_BACKGROUND_TAB,
492 blink::WebMouseEvent::Button::kMiddle,
493 EXPECT_ORIGIN_AS_REFERRER);
496 // User initiated navigation, target blank, from HTTP to HTTP via server
498 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, TargetBlankRedirect) {
499 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
500 LINK_WITH_TARGET_BLANK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
501 WindowOpenDisposition::NEW_FOREGROUND_TAB,
502 blink::WebMouseEvent::Button::kLeft,
503 EXPECT_ORIGIN_AS_REFERRER);
506 // User initiated navigation, target blank, from HTTPS to HTTP via server
508 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, HttpsTargetBlankRedirect) {
509 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
510 LINK_WITH_TARGET_BLANK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
511 WindowOpenDisposition::NEW_FOREGROUND_TAB,
512 blink::WebMouseEvent::Button::kLeft,
513 EXPECT_ORIGIN_AS_REFERRER);
516 // User initiated navigation, middle click, target blank, from HTTP to HTTP via
518 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MiddleClickTargetBlankRedirect) {
519 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
520 LINK_WITH_TARGET_BLANK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
521 WindowOpenDisposition::NEW_FOREGROUND_TAB,
522 blink::WebMouseEvent::Button::kMiddle,
523 EXPECT_ORIGIN_AS_REFERRER);
526 // User initiated navigation, middle click, target blank, from HTTPS to HTTP
527 // via server redirect.
528 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
529 HttpsMiddleClickTargetBlankRedirect) {
530 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
531 LINK_WITH_TARGET_BLANK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
532 WindowOpenDisposition::NEW_FOREGROUND_TAB,
533 blink::WebMouseEvent::Button::kMiddle,
534 EXPECT_ORIGIN_AS_REFERRER);
537 // Context menu, from HTTP to HTTP via server redirect.
538 // TODO(crbug.com/1269041): Fix flakiness on Linux and Lacros then reenable.
539 #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS_LACROS)
540 #define MAYBE_ContextMenuRedirect DISABLED_ContextMenuRedirect
542 #define MAYBE_ContextMenuRedirect ContextMenuRedirect
544 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MAYBE_ContextMenuRedirect) {
545 ContextMenuNotificationObserver context_menu_observer(
546 IDC_CONTENT_CONTEXT_OPENLINKNEWTAB);
547 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTP,
548 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
549 WindowOpenDisposition::NEW_FOREGROUND_TAB,
550 blink::WebMouseEvent::Button::kRight,
551 EXPECT_ORIGIN_AS_REFERRER);
554 // Context menu, from HTTPS to HTTP via server redirect.
555 // TODO(crbug.com/1269942): Flaky on Lacros.
556 #if BUILDFLAG(IS_CHROMEOS_LACROS)
557 #define MAYBE_HttpsContextMenuRedirect DISABLED_HttpsContextMenuRedirect
559 #define MAYBE_HttpsContextMenuRedirect HttpsContextMenuRedirect
561 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, MAYBE_HttpsContextMenuRedirect) {
562 ContextMenuNotificationObserver context_menu_observer(
563 IDC_CONTENT_CONTEXT_OPENLINKNEWTAB);
564 RunReferrerTest(network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS,
565 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
566 WindowOpenDisposition::NEW_FOREGROUND_TAB,
567 blink::WebMouseEvent::Button::kRight,
568 EXPECT_ORIGIN_AS_REFERRER);
571 // Tests history navigation actions: Navigate from A to B with a referrer
572 // policy, then navigate to C, back to B, and reload.
573 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, History) {
574 // Navigate from A to B.
575 GURL start_url = RunReferrerTest(
576 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
577 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
578 blink::WebMouseEvent::Button::kLeft, EXPECT_ORIGIN_AS_REFERRER);
581 ASSERT_TRUE(ui_test_utils::NavigateToURL(
582 browser(), embedded_test_server()->GetURL("/title1.html")));
584 std::u16string expected_title =
585 GetExpectedTitle(start_url, EXPECT_ORIGIN_AS_REFERRER);
586 content::WebContents* tab =
587 browser()->tab_strip_model()->GetActiveWebContents();
588 std::unique_ptr<content::TitleWatcher> title_watcher(
589 new content::TitleWatcher(tab, expected_title));
591 // Watch for all possible outcomes to avoid timeouts if something breaks.
592 AddAllPossibleTitles(start_url, title_watcher.get());
595 chrome::GoBack(browser(), WindowOpenDisposition::CURRENT_TAB);
596 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
598 title_watcher = std::make_unique<content::TitleWatcher>(tab, expected_title);
599 AddAllPossibleTitles(start_url, title_watcher.get());
602 chrome::Reload(browser(), WindowOpenDisposition::CURRENT_TAB);
603 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
605 title_watcher = std::make_unique<content::TitleWatcher>(tab, expected_title);
606 AddAllPossibleTitles(start_url, title_watcher.get());
608 // Shift-reload to B.
609 chrome::ReloadBypassingCache(browser(), WindowOpenDisposition::CURRENT_TAB);
610 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
613 // Tests that reloading a site for "request tablet version" correctly clears
615 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, RequestTabletSite) {
616 GURL start_url = RunReferrerTest(
617 network::mojom::ReferrerPolicy::kOrigin, START_ON_HTTPS, REGULAR_LINK,
618 SERVER_REDIRECT_FROM_HTTP_TO_HTTP, WindowOpenDisposition::CURRENT_TAB,
619 blink::WebMouseEvent::Button::kLeft, EXPECT_ORIGIN_AS_REFERRER);
621 std::u16string expected_title =
622 GetExpectedTitle(start_url, EXPECT_EMPTY_REFERRER);
623 content::WebContents* tab =
624 browser()->tab_strip_model()->GetActiveWebContents();
625 content::TitleWatcher title_watcher(tab, expected_title);
627 // Watch for all possible outcomes to avoid timeouts if something breaks.
628 AddAllPossibleTitles(start_url, &title_watcher);
630 // Erase the current title in the NavigationEntry.
632 // TitleWatcher overrides WebContentObserver's TitleWasSet() but also
633 // DidStopLoading(). The page that is being reloaded sets its title after load
634 // is complete, so the title change is missed because the title is checked on
635 // load. Clearing the title ensures that TitleWatcher will wait for the actual
637 tab->GetController().GetVisibleEntry()->SetTitle(std::u16string());
639 // Request tablet version.
640 chrome::ToggleRequestTabletSite(browser());
641 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle());
644 // Test that an iframes gets the parent frames referrer and referrer policy if
645 // the load was triggered by the parent, or from the iframe itself, if the
646 // navigations was started by the iframe.
647 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest, IFrame) {
648 browser()->profile()->GetPrefs()->SetBoolean(
649 prefs::kWebKitAllowRunningInsecureContent, true);
650 content::WebContents* tab =
651 browser()->tab_strip_model()->GetActiveWebContents();
652 std::u16string expected_title(u"loaded");
653 std::unique_ptr<content::TitleWatcher> title_watcher(
654 new content::TitleWatcher(tab, expected_title));
656 // Load a page that loads an iframe.
657 ASSERT_TRUE(ui_test_utils::NavigateToURL(
659 https_server_.GetURL("/referrer_policy/referrer-policy-iframe.html")));
660 EXPECT_TRUE(content::ExecJs(
662 std::string("var frame = document.createElement('iframe');frame.src ='") +
663 embedded_test_server()
664 ->GetURL("/referrer_policy/referrer-policy-log.html")
666 "';frame.onload = function() { document.title = 'loaded'; };" +
667 "document.body.appendChild(frame)"));
668 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
670 // Verify that the referrer policy was honored and the main page's origin was
672 content::RenderFrameHost* frame = content::FrameMatchingPredicate(
673 tab->GetPrimaryPage(),
674 base::BindRepeating(&content::FrameIsChildOfMainFrame));
675 std::string title = content::EvalJs(frame, "document.title").ExtractString();
676 EXPECT_EQ("Referrer is " + https_server_.GetURL("/").spec(), title);
678 // Reload the iframe.
679 expected_title = u"reset";
680 title_watcher = std::make_unique<content::TitleWatcher>(tab, expected_title);
681 EXPECT_TRUE(content::ExecJs(tab, "document.title = 'reset'"));
682 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
683 frame = content::FrameMatchingPredicate(
684 tab->GetPrimaryPage(),
685 base::BindRepeating(&content::FrameIsChildOfMainFrame));
687 expected_title = u"loaded";
688 title_watcher = std::make_unique<content::TitleWatcher>(tab, expected_title);
689 EXPECT_TRUE(content::ExecJs(frame, "location.reload()"));
690 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
691 frame = content::FrameMatchingPredicate(
692 tab->GetPrimaryPage(),
693 base::BindRepeating(&content::FrameIsChildOfMainFrame));
695 // Verify that the full url of the iframe was used as referrer.
696 title = content::EvalJs(frame, "document.title").ExtractString();
698 "Referrer is " + embedded_test_server()
699 ->GetURL("/referrer_policy/referrer-policy-log.html")
704 // Origin When Cross-Origin
706 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
707 HttpLeftClickHTTPSRedirectToHTTPOriginWhenCrossOrigin) {
709 network::mojom::ReferrerPolicy::kOriginWhenCrossOrigin, START_ON_HTTPS,
710 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
711 WindowOpenDisposition::CURRENT_TAB, blink::WebMouseEvent::Button::kLeft,
712 EXPECT_ORIGIN_AS_REFERRER);
715 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
716 HttpLeftClickRedirectToHTTPSOriginWhenCrossOrigin) {
718 network::mojom::ReferrerPolicy::kOriginWhenCrossOrigin, START_ON_HTTP,
719 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTP_TO_HTTPS,
720 WindowOpenDisposition::CURRENT_TAB, blink::WebMouseEvent::Button::kLeft,
721 EXPECT_ORIGIN_AS_REFERRER);
724 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
725 HttpLeftClickRedirectToHTTPOriginWhenCrossOrigin) {
726 RunReferrerTest(network::mojom::ReferrerPolicy::kOriginWhenCrossOrigin,
727 START_ON_HTTP, REGULAR_LINK,
728 SERVER_REDIRECT_FROM_HTTP_TO_HTTP,
729 WindowOpenDisposition::CURRENT_TAB,
730 blink::WebMouseEvent::Button::kLeft, EXPECT_FULL_REFERRER);
735 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
736 HttpLeftClickHTTPRedirectToHTTPSameOrigin) {
737 RunReferrerTest(network::mojom::ReferrerPolicy::kSameOrigin, START_ON_HTTP,
738 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTP_TO_HTTP,
739 WindowOpenDisposition::CURRENT_TAB,
740 blink::WebMouseEvent::Button::kLeft, EXPECT_FULL_REFERRER);
743 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
744 HttpLeftClickHTTPRedirectToHTTPSSameOrigin) {
745 RunReferrerTest(network::mojom::ReferrerPolicy::kSameOrigin, START_ON_HTTPS,
746 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
747 WindowOpenDisposition::CURRENT_TAB,
748 blink::WebMouseEvent::Button::kLeft, EXPECT_EMPTY_REFERRER);
753 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
754 HttpLeftClickHTTPRedirectToHTTPStrictOrigin) {
755 RunReferrerTest(network::mojom::ReferrerPolicy::kStrictOrigin, START_ON_HTTP,
756 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTP_TO_HTTP,
757 WindowOpenDisposition::CURRENT_TAB,
758 blink::WebMouseEvent::Button::kLeft,
759 EXPECT_ORIGIN_AS_REFERRER);
762 IN_PROC_BROWSER_TEST_F(ReferrerPolicyTest,
763 HttpLeftClickHTTPSRedirectToHTTPStrictOrigin) {
764 RunReferrerTest(network::mojom::ReferrerPolicy::kStrictOrigin, START_ON_HTTPS,
765 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
766 WindowOpenDisposition::CURRENT_TAB,
767 blink::WebMouseEvent::Button::kLeft, EXPECT_EMPTY_REFERRER);
770 // Parameters for testing functionality imposing ad-hoc restrictions
771 // on the behavior of referrers, for instance absolute caps like
772 // "never send referrers" (as of writing, features::kNoReferrers)
773 // or "on cross-origin requests, never send more than the initiator's
774 // origin" (features::kCapReferrerToOriginOnCrossOrigin).
776 // These tests assume a default policy of no-referrer-when-downgrade.
777 struct ReferrerOverrideParams {
778 absl::optional<base::test::FeatureRef> feature_to_enable;
779 network::mojom::ReferrerPolicy baseline_policy;
780 network::mojom::ReferrerPolicy expected_policy;
782 ReferrerPolicyTest::ExpectedReferrer same_origin_nav, // HTTP -> HTTP
783 cross_origin_nav, // HTTP -> HTTP
784 cross_origin_downgrade_nav, // HTTPS -> HTTP, cross-origin
785 same_origin_to_cross_origin_redirect,
786 cross_origin_to_same_origin_redirect, same_origin_subresource,
787 same_origin_to_cross_origin_subresource_redirect;
788 } kReferrerOverrideParams[] = {
789 {.feature_to_enable = features::kNoReferrers,
790 .baseline_policy = network::mojom::ReferrerPolicy::kAlways,
791 // The renderer's "have we completely disabled referrers?"
792 // implementation resets requests' referrer policies to kNever when
793 // it excises their referrers.
794 .expected_policy = network::mojom::ReferrerPolicy::kNever,
795 .same_origin_nav = ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
796 .cross_origin_nav = ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
797 .cross_origin_downgrade_nav = ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
798 .same_origin_to_cross_origin_redirect =
799 ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
800 .cross_origin_to_same_origin_redirect =
801 ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
802 .same_origin_subresource = ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
803 .same_origin_to_cross_origin_subresource_redirect =
804 ReferrerPolicyTest::EXPECT_EMPTY_REFERRER},
806 .feature_to_enable = net::features::kCapReferrerToOriginOnCrossOrigin,
807 .baseline_policy = network::mojom::ReferrerPolicy::kAlways,
808 // Applying the cap doesn't change the "referrer policy"
809 // attribute of a request
810 .expected_policy = network::mojom::ReferrerPolicy::kAlways,
811 .same_origin_nav = ReferrerPolicyTest::EXPECT_FULL_REFERRER,
812 .cross_origin_nav = ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
813 .cross_origin_downgrade_nav =
814 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
815 .same_origin_to_cross_origin_redirect =
816 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
817 // Referrer policies get applied to whatever the current referrer is:
818 // in the case of a cross-origin -> same-origin redirect, we already
819 // will have truncated the referrer to the initiating origin
820 .cross_origin_to_same_origin_redirect =
821 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
822 .same_origin_subresource = ReferrerPolicyTest::EXPECT_FULL_REFERRER,
823 .same_origin_to_cross_origin_subresource_redirect =
824 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
827 .baseline_policy = network::mojom::ReferrerPolicy::kDefault,
828 // kDefault gets resolved into a concrete policy when making requests
830 network::mojom::ReferrerPolicy::kStrictOriginWhenCrossOrigin,
831 .same_origin_nav = ReferrerPolicyTest::EXPECT_FULL_REFERRER,
832 .cross_origin_nav = ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
833 .cross_origin_downgrade_nav = ReferrerPolicyTest::EXPECT_EMPTY_REFERRER,
834 .same_origin_to_cross_origin_redirect =
835 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
836 .cross_origin_to_same_origin_redirect =
837 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
838 .same_origin_subresource = ReferrerPolicyTest::EXPECT_FULL_REFERRER,
839 .same_origin_to_cross_origin_subresource_redirect =
840 ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER,
843 class ReferrerOverrideTest
844 : public ReferrerPolicyTest,
845 public ::testing::WithParamInterface<ReferrerOverrideParams> {
847 ReferrerOverrideTest() {
848 if (GetParam().feature_to_enable) {
849 scoped_feature_list_.InitAndEnableFeature(
850 *GetParam().feature_to_enable.value());
855 // Test that the correct referrer is sent along with
856 // a subresource request.
857 // Parameter semantics are the same as for
858 // ReferrerPolicyTest::RunReferrerTest.
859 void RunSubresourceTest(StartOnProtocol start_protocol,
860 RedirectType redirect,
861 network::mojom::ReferrerPolicy baseline_policy,
862 ExpectedReferrer expectation) {
866 image_url = embedded_test_server()->GetURL("/referrer_policy/logo.gif");
868 case HTTPS_NO_REDIRECT:
869 image_url = https_server_.GetURL("/referrer_policy/logo.gif");
871 case SERVER_REDIRECT_FROM_HTTPS_TO_HTTP:
872 image_url = https_server_.GetURL(
873 std::string("/server-redirect?") +
874 embedded_test_server()->GetURL("/referrer_policy/logo.gif").spec());
876 case SERVER_REDIRECT_FROM_HTTP_TO_HTTP:
877 image_url = embedded_test_server()->GetURL(
878 std::string("/server-redirect?") +
879 embedded_test_server()->GetURL("/referrer_policy/logo.gif").spec());
881 case SERVER_REDIRECT_FROM_HTTP_TO_HTTPS:
882 image_url = embedded_test_server()->GetURL(
883 std::string("/server-redirect?") +
884 https_server_.GetURL("/referrer_policy/logo.gif").spec());
888 std::string relative_url =
889 std::string("/referrer_policy/referrer-policy-subresource.html?") +
890 "policy=" + content::ReferrerPolicyToString(baseline_policy) +
891 "&redirect=" + image_url.spec();
893 auto* start_server = start_protocol == START_ON_HTTPS
895 : embedded_test_server();
896 const GURL start_url = start_server->GetURL(relative_url);
898 content::WebContents* tab =
899 browser()->tab_strip_model()->GetActiveWebContents();
901 base::ReleasableAutoLock lock(&check_on_requests_lock_);
902 check_on_requests_ = RequestCheck{"", "/referrer_policy/logo.gif"};
903 switch (expectation) {
904 case ReferrerPolicyTest::EXPECT_EMPTY_REFERRER:
905 check_on_requests_->expected_spec = "";
907 case ReferrerPolicyTest::EXPECT_FULL_REFERRER:
908 check_on_requests_->expected_spec = start_url.spec();
910 case ReferrerPolicyTest::EXPECT_ORIGIN_AS_REFERRER:
911 check_on_requests_->expected_spec = start_url.GetWithEmptyPath().spec();
916 // set by referrer-policy-subresource.html JS after the embedded image loads
917 std::u16string expected_title(u"loaded");
918 std::unique_ptr<content::TitleWatcher> title_watcher(
919 new content::TitleWatcher(tab, expected_title));
920 ASSERT_TRUE(ui_test_utils::NavigateToURL(browser(), start_url));
922 // Wait for the page to load; during the load, since check_on_requests_ is
923 // nonempty, OnServerIncomingRequest will validate the referrers.
924 EXPECT_EQ(expected_title, title_watcher->WaitAndGetTitle());
928 base::test::ScopedFeatureList scoped_feature_list_;
931 INSTANTIATE_TEST_SUITE_P(
933 ReferrerOverrideTest,
934 ::testing::ValuesIn(kReferrerOverrideParams),
935 [](const ::testing::TestParamInfo<ReferrerOverrideParams>& info)
937 if (info.param.feature_to_enable) {
938 return base::StringPrintf("Param%s",
939 info.param.feature_to_enable.value()->name);
944 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, SameOriginNavigation) {
945 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTP, REGULAR_LINK,
946 NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
947 blink::WebMouseEvent::Button::kNoButton,
948 GetParam().same_origin_nav, GetParam().expected_policy);
951 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, CrossOriginNavigation) {
952 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTP, REGULAR_LINK,
953 HTTPS_NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
954 blink::WebMouseEvent::Button::kNoButton,
955 GetParam().cross_origin_nav, GetParam().expected_policy);
958 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest,
959 CrossOriginNavigationBrowserInitiated) {
960 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTP, REGULAR_LINK,
961 HTTPS_NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
962 blink::WebMouseEvent::Button::kLeft,
963 GetParam().cross_origin_nav, GetParam().expected_policy,
967 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, CrossOriginDowngradeNavigation) {
968 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTPS, REGULAR_LINK,
969 NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
970 blink::WebMouseEvent::Button::kNoButton,
971 GetParam().cross_origin_downgrade_nav,
972 GetParam().expected_policy);
975 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, CrossOriginRedirect) {
976 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTP, REGULAR_LINK,
977 SERVER_REDIRECT_FROM_HTTP_TO_HTTPS,
978 WindowOpenDisposition::CURRENT_TAB,
979 blink::WebMouseEvent::Button::kNoButton,
980 GetParam().same_origin_to_cross_origin_redirect,
981 GetParam().expected_policy);
984 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, CrossOriginToSameOriginRedirect) {
985 RunReferrerTest(GetParam().baseline_policy, START_ON_HTTP, REGULAR_LINK,
986 SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
987 WindowOpenDisposition::CURRENT_TAB,
988 blink::WebMouseEvent::Button::kNoButton,
989 GetParam().cross_origin_to_same_origin_redirect,
990 GetParam().expected_policy);
993 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest, SameOriginSubresource) {
994 RunSubresourceTest(START_ON_HTTP, NO_REDIRECT, GetParam().baseline_policy,
995 GetParam().same_origin_subresource);
998 IN_PROC_BROWSER_TEST_P(ReferrerOverrideTest,
999 SameOriginToCrossOriginSubresourceRedirect) {
1001 START_ON_HTTP, SERVER_REDIRECT_FROM_HTTP_TO_HTTPS,
1002 GetParam().baseline_policy,
1003 GetParam().same_origin_to_cross_origin_subresource_redirect);
1006 // Most of the functionality of the referrer-cap flag is covered by
1007 // ReferrerOverrideTest; these couple additional tests test the flag's
1008 // interaction with other referrer policies
1009 class ReferrerPolicyCapReferrerToOriginOnCrossOriginTest
1010 : public ReferrerPolicyTest {
1012 ReferrerPolicyCapReferrerToOriginOnCrossOriginTest() {
1013 scoped_feature_list_.InitAndEnableFeature(
1014 net::features::kCapReferrerToOriginOnCrossOrigin);
1018 base::test::ScopedFeatureList scoped_feature_list_;
1021 // Test that capping referrer granularity at origin on cross-origin requests
1022 // correctly defers to a more restrictive referrer policy on a
1023 // cross-origin navigation.
1024 IN_PROC_BROWSER_TEST_F(ReferrerPolicyCapReferrerToOriginOnCrossOriginTest,
1025 HonorsMoreRestrictivePolicyOnNavigation) {
1026 RunReferrerTest(network::mojom::ReferrerPolicy::kSameOrigin, START_ON_HTTPS,
1027 REGULAR_LINK, NO_REDIRECT /*direct navigation x-origin*/,
1028 WindowOpenDisposition::CURRENT_TAB,
1029 blink::WebMouseEvent::Button::kLeft, EXPECT_EMPTY_REFERRER);
1032 // Test that capping referrer granularity at origin on cross-origin requests
1033 // correctly defers to a more restrictive referrer policy on a
1034 // cross-origin redirect.
1035 IN_PROC_BROWSER_TEST_F(ReferrerPolicyCapReferrerToOriginOnCrossOriginTest,
1036 HonorsMoreRestrictivePolicyOnRedirect) {
1037 RunReferrerTest(network::mojom::ReferrerPolicy::kStrictOrigin, START_ON_HTTPS,
1038 REGULAR_LINK, SERVER_REDIRECT_FROM_HTTPS_TO_HTTP,
1039 WindowOpenDisposition::CURRENT_TAB,
1040 blink::WebMouseEvent::Button::kLeft, EXPECT_EMPTY_REFERRER);
1043 // Test that, when the cross-origin referrer cap is on but we also have the
1044 // "no referrers at all" pref set, we send no referrer at all on cross-origin
1046 IN_PROC_BROWSER_TEST_F(ReferrerPolicyCapReferrerToOriginOnCrossOriginTest,
1047 RespectsNoReferrerPref) {
1048 browser()->profile()->GetPrefs()->SetBoolean(prefs::kEnableReferrers, false);
1051 ->GetDefaultStoragePartition()
1052 ->FlushNetworkInterfaceForTesting();
1053 RunReferrerTest(network::mojom::ReferrerPolicy::kAlways, START_ON_HTTPS,
1054 REGULAR_LINK, NO_REDIRECT, WindowOpenDisposition::CURRENT_TAB,
1055 blink::WebMouseEvent::Button::kLeft, EXPECT_EMPTY_REFERRER,
1056 // when the pref is set, the renderer sets the referrer policy
1057 // to the kNever on outgoing requests at the same time
1058 // it removes referrers
1059 network::mojom::ReferrerPolicy::kNever);