Bug 1915538 [wpt PR 47856] - Adds a simple Navigational Tracking Miti…

…gations test., a=testonly

Automatic update from web-platform-tests
Adds a simple Navigational Tracking Mitigations test. (#47856)

* Add Navigation Tracking Mitigations test

* remove file

* Address comments

* clean up

* address comments

* no op

---------

Co-authored-by: Giovanni Ortuño Urquidi <[email protected]>
--

wpt-commits: f7a3977a2c20a0f907f410bd69b24990dae9db18
wpt-pr: 47856

testing/web-platform/tests/nav-tracking-mitigations/META.yml

@@ -0,0 +1,9 @@
+spec: https://privacycg.github.io/nav-tracking-mitigations/
+suggested_reviewers:
+  - amaliev
+  - bvandersloot-mozilla
+  - hoodjoshua
+  - njeunje
+  - rtarpine-google
+  - Trikolon
+  - wanderview

testing/web-platform/tests/nav-tracking-mitigations/resources/cross-origin-client-redirect-with-cookie-header.sub.https.html

@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script>
+  // `document.cookie` is set using the `Set-Cookie` HTTP header in
+  // cross-origin-client-redirect-with-cookie-header.sub.https.html.headers.
+  assert_equals(document.cookie, 'example=test');
+
+  const url = new URL('redirect-chain-end.sub.https.html',
+                      window.location.href);
+  url.hostname = '{{host}}';
+
+  window.location = url;
+</script>

testing/web-platform/tests/nav-tracking-mitigations/resources/cross-origin-client-redirect-with-cookie-header.sub.https.html.headers

@@ -0,0 +1,2 @@
+Content-Type: text/html
+Set-Cookie: example=test

testing/web-platform/tests/nav-tracking-mitigations/resources/cross-origin-get-cookie.sub.https.html

@@ -0,0 +1,5 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<script>
+window.opener.postMessage({cookie: document.cookie}, '*');
+</script>

testing/web-platform/tests/nav-tracking-mitigations/resources/redirect-chain-end.sub.https.html

@@ -0,0 +1,10 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<title>Bounce Tracking Mitigations: Stateful Client Bounce (End Page)</title>
+<script>
+  // Notify the main test page that the redirect flow has completed.
+  window.opener.postMessage(true, '*');
+
+  // This will end the redirect chain.
+  window.close();
+</script>

testing/web-platform/tests/nav-tracking-mitigations/resources/redirect-chain-start.sub.https.html

@@ -0,0 +1,18 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<title>Bounce Tracking Mitigations: Stateful Client Bounce (Start Page)</title>
+<body></body>
+<script src=/resources/testdriver.js></script>
+<script>
+  const url = new URL(
+    'cross-origin-client-redirect-with-cookie-header.sub.https.html',
+    window.location.href);
+  url.hostname = '{{hosts[alt][]}}';
+
+  const link = document.createElement('a');
+  link.href = url;
+  // Used by the main test page to retrieve the button.
+  link.id = 'navigate-link';
+  link.text = 'navigate to redirecting page';
+  document.body.append(link);
+</script>

testing/web-platform/tests/nav-tracking-mitigations/stateful-client-bounce.sub.https.html

@@ -0,0 +1,69 @@
+<!DOCTYPE HTML>
+<meta charset=utf-8>
+<title>Bounce Tracking Mitigations: Stateful Client Bounce</title>
+<body>body for test_driver.bless</body>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src=/resources/testdriver.js></script>
+<script src=/resources/testdriver-vendor.js></script>
+<script>
+  promise_setup(async () => {
+    try {
+      await test_driver.set_storage_access('*', '*', 'blocked');
+    } catch (e) {
+      // Ignore, can be unimplemented if the platform blocks cross-site
+      // cookies by default. If this failed without default blocking the test
+      // will fail.
+    }
+  });
+
+  promise_test(async t => {
+    let linkInNewPage = null;
+
+    // Open a new tab and retrieve the link to start the test.
+    await test_driver.bless('open page to start test', async () => {
+      const otherTab = window.open(
+        'resources/redirect-chain-start.sub.https.html');
+
+      await new Promise(resolve => otherTab.addEventListener('load', resolve));
+      linkInNewPage = otherTab.document.getElementById('navigate-link');
+    });
+
+    const redirectEndedPromise = new Promise(resolve => {
+      window.addEventListener('message', resolve, {once: true});
+    });
+
+    // Click the link in the new tab.
+    //
+    // Ideally, we would click this from within the page, but because the page
+    // immediately navigates away, test_driver fails as it expects the page to
+    // not navigate away. Doing this from the main test page avoids the issue.
+    test_driver.click(linkInNewPage);
+
+    await redirectEndedPromise;
+
+    let result = [];
+    while (result.length == 0) {
+      result = await test_driver.run_bounce_tracking_mitigations();
+    }
+    assert_array_equals(result, ['{{hosts[alt][]}}']);
+
+    // Open a page on the bounce origin, and check that cookies have been
+    // cleared.
+    const getCookiesFromBounceOrigin = new Promise(
+      resolve => {
+        window.addEventListener(
+          'message',
+          (event) => { resolve(event.data.cookie) },
+          {once: true})
+    });
+
+    const url = new URL(
+      'resources/cross-origin-get-cookie.sub.https.html',
+      window.location.href);
+    url.hostname = '{{hosts[alt][]}}';
+    window.open(url);
+
+    assert_equals(await getCookiesFromBounceOrigin, '');
+  }, 'Bounce tracking mitigations deleting state for a bounce tracker');
+</script>