/third_party/blink/web_tests/external/wpt/html/cross-origin-opener-policy/reporting/navigation-reporting/reporting-coop-navigated-popup.https.html

<title>Cross-Origin-Opener-Policy: a navigated popup with reporting</title>
<script src=/resources/testharness.js></script>
<script src=/resources/testharnessreport.js></script>
<script src="/common/utils.js"></script> <!-- Use token() to allow running tests in parallel -->
<script src="/common/dispatcher/dispatcher.js"></script>
<script
  src="/html/cross-origin-opener-policy/reporting/resources/reporting-common.js?pipe=sub&report_id=df3cde15-b00b-4a59-b6e2-498b67a6146e&report_only_id=ebf3a415-7a74-42e1-92d1-e600b1bbe22e"></script>

<script>

// This test does the following:
//  1 - This document has COOP: same-origin-allow-popups; report-to="coop-report-endpoint"
//  2 - Open a popup on a same-origin page without COOP, with the coop-popup-report-endpoint
//  3 - Navigate the popup to a same-origin page with COOP, with the coop-redirect-report-endpoint
// it verifies that the reports are properly send for the browsing context switch
// during the navigation in the popup (step 3). The current document (the opener)
// endpoint should not receive any report as no switch ocurred on 2.
promise_test( async t => {
  const callbackToken = token();
  const noCoopToken = token();
  const coopToken= token();
  await reportingTest(async resolve => {
    const noCOOPUrl = executor_path +
      convertToWPTHeaderPipe(getReportingEndpointsHeader(location.origin)) +
      `|header(Cross-Origin-Opener-Policy,${encodeURIComponent(`unsafe-none; report-to="${popupReportEndpoint.name}"`)})` +
      `&uuid=${noCoopToken}`;
    const coopUrl = executor_path +
      convertToWPTHeaderPipe(getReportingEndpointsHeader(location.origin)) +
      `|header(Cross-Origin-Opener-Policy,${encodeURIComponent(`same-origin; report-to="${redirectReportEndpoint.name}"`)})` +
      `&uuid=${coopToken}`;

    // 1. Open a popup without COOP and with reporting. COOP does not trigger
    // a browsing context group switch because the current document is
    // same-origin-allow-popups
    const popup = window.open(noCOOPUrl);
    t.add_cleanup(() => send(noCoopToken, "window.close()"));

    // 2. Navigate the popup to a COOP document, which switches the browsing
    // context group.
    send(noCoopToken, `window.location = "${coopUrl}";`);
    t.add_cleanup(() => send(coopToken, "window.close()"));

    // 3. Make sure the new document is loaded.
    send(coopToken, `
      send("${callbackToken}", "Ready");
    `);
    let reply = await receive(callbackToken);
    resolve();
  },
  "", // executor token for the report replacements, unused in this test
  [
    // Reports expected for the navigation from "noCOOP" to "coop"
    {
      "endpoint": popupReportEndpoint,
      "report": {
        "body": {
          "disposition": "enforce",
          "effectivePolicy": "unsafe-none",
          "nextResponseURL": RegExp(`uuid=${coopToken}$`),
          "type": "navigation-from-response"
        },
        "url": RegExp(`uuid=${noCoopToken}$`),
        "type": "coop"
      }
    },
    {
      "endpoint": redirectReportEndpoint,
      "report": {
        "body": {
          "disposition": "enforce",
          "effectivePolicy": "same-origin",
          "previousResponseURL": RegExp(`uuid=${noCoopToken}$`),
          "referrer": RegExp(`uuid=${noCoopToken}$`),
          "type": "navigation-to-response"
        },
        "url": RegExp(`uuid=${coopToken}$`),
        "type": "coop"
      }
    },
  ]);
}, "Open a popup to a document without COOP, then navigate it to a document with");

verifyRemainingReports();

</script>