forked from mirrors/gecko-dev
c900084f2d
Automatic update from web-platform-testsES Modules: Use an appropriate referrer policy for module script loading This CL fixes ReferrerPolicy handling in module script loading. Before this CL, FetchClientSettingsObjectSnapshot's referrer policy is used, but this is wrong. The spec requires to use ScriptFetchOptions' referrer policy. // The "set up the module script request" algorithm: "Set request's cryptographic nonce metadata to options's cryptographic nonce, ..., and its referrer policy to options's referrer policy." https://html.spec.whatwg.org/multipage/webappapis.html#set-up-the-module-script-request Specifically, this CL introduces |referrer_policy_| field in ScriptFetchOptions class as spec'ed and propagates it to the entire path of module script loading. ScriptFetchOptions's referrer policy can be set to following values: - <script>'s "referrerpolicy" attribute is used for <script type='module'>. This hasn't been implemented yet (see https://crbug.com/841673), so the current document's referrer policy is used to keep the backward compatibility. // The "prepare a script" algorithm: "20. Let referrer policy be the current state of the element's referrerpolicy content attribute." "22. Let options be a script fetch options whose cryptographic nonce is cryptographic nonce, ..., and referrer policy is referrer policy." https://html.spec.whatwg.org/multipage/scripting.html#prepare-a-script - <link>'s "referrerpolicy" attribute is used for modulepreload. // The "Link type "modulepreload"" algorithm: "9. Let referrer policy be the current state of the element's referrerpolicy attribute." "10. Let options be a script fetch options whose cryptographic nonce is cryptographic nonce, ..., and referrer policy is referrer policy." https://html.spec.whatwg.org/multipage/links.html#link-type-modulepreload - The default referrer policy is used for module workers and worklets. This is the reason why this CL changes test expectations of workers and worklets. // The "fetch a module worker script graph" algorithm: "2. Let options be a script fetch options whose cryptographic nonce is the empty string, ..., and referrer policy is the empty string." https://html.spec.whatwg.org/multipage/webappapis.html#fetch-a-module-worker-script-tree Change-Id: Ic0f9e6667cd1b84f74d86fcc948451c1d2f8191f Bug: 842553, 855963 Reviewed-on: https://chromium-review.googlesource.com/1111743 Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org> Reviewed-by: Hiroshige Hayashizaki <hiroshige@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Reviewed-by: Kouhei Ueno <kouhei@chromium.org> Cr-Commit-Position: refs/heads/master@{#569967} -- wpt-commits: 50b0943d82d36bb92977002bebd5a7990e0ed388 wpt-pr: 11626 |
||
|---|---|---|
| .. | ||
| resources | ||
| animation-worklet-credentials.https.html | ||
| animation-worklet-csp.https.html | ||
| animation-worklet-import.https.html | ||
| animation-worklet-referrer.https.html | ||
| animation-worklet-service-worker-interception.https.html | ||
| layout-worklet-credentials.https.html | ||
| layout-worklet-csp.https.html | ||
| layout-worklet-import.https.html | ||
| layout-worklet-referrer.https.html | ||
| layout-worklet-service-worker-interception.https.html | ||
| META.yml | ||
| paint-worklet-credentials.https.html | ||
| paint-worklet-csp.https.html | ||
| paint-worklet-import.https.html | ||
| paint-worklet-referrer.https.html | ||
| paint-worklet-service-worker-interception.https.html | ||
| README.md | ||
These are the tests for the Worklets Level 1 spec.