def test_header_private(self):
for policy in [
'no-referrer', 'same-origin', 'strict-origin', 'STRICT-ORIGIN',
'strict-origin-when-cross-origin'
]:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['http'])
self.assertFalse(result['meta'])
self.assertTrue(result['pass'])
# Do that same test with a <meta> http-equiv
self.reqs = empty_requests(
'test_parse_http_equiv_headers_referrer1.html')
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertEquals('no-referrer, same-origin', result['data'])
self.assertFalse(result['http'])
self.assertTrue(result['meta'])
self.assertTrue(result['pass'])
# Note that <meta> http-equiv comes before the HTTP header
self.reqs['responses']['auto'].headers[
'Referrer-Policy'] = 'unsafe-url'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertEquals('unsafe-url, no-referrer, same-origin',
result['data'])
self.assertTrue(result['http'])
self.assertTrue(result['meta'])
self.assertTrue(result['pass'])
def test_header_private(self):
for policy in ['no-referrer',
'same-origin',
'strict-origin',
'STRICT-ORIGIN',
'strict-origin-when-cross-origin']:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['http'])
self.assertFalse(result['meta'])
self.assertTrue(result['pass'])
# Do that same test with a <meta> http-equiv
self.reqs = empty_requests('test_parse_http_equiv_headers_referrer1.html')
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertEquals('no-referrer, same-origin', result['data'])
self.assertFalse(result['http'])
self.assertTrue(result['meta'])
self.assertTrue(result['pass'])
# Note that <meta> http-equiv comes before the HTTP header
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'unsafe-url'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertEquals('unsafe-url, no-referrer, same-origin', result['data'])
self.assertTrue(result['http'])
self.assertTrue(result['meta'])
self.assertTrue(result['pass'])
def test_header_no_referrer_when_downgrade(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'no-referrer-when-downgrade'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-no-referrer-when-downgrade', result['result'])
self.assertTrue(result['pass'])
def test_header_no_referrer_when_downgrade(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'no-referrer-when-downgrade'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-no-referrer-when-downgrade', result['result'])
self.assertTrue(result['pass'])
def test_header_invalid(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'whimsy'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-header-invalid', result['result'])
self.assertFalse(result['pass'])
def test_multiple_value_header_mix(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'no-referrer, whimsy'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['pass'])
def test_multiple_value_header_invalid(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'whimsy, whimsy1, whimsy2'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-header-invalid', result['result'])
self.assertFalse(result['pass'])
def test_multiple_value_header_mix(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'no-referrer, whimsy'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['pass'])
def test_multiple_value_header_all_valid(self):
self.reqs['responses']['auto'].headers['Referrer-Policy'] = 'origin-when-cross-origin, no-referrer, unsafe-url'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_multiple_value_header_all_valid(self):
self.reqs['responses']['auto'].headers[
'Referrer-Policy'] = 'origin-when-cross-origin, no-referrer, unsafe-url'
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_header_unsafe(self):
for policy in ['origin', 'origin-when-cross-origin', 'unsafe-url']:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_header_private(self):
for policy in ['no-referrer', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin']:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['pass'])
def test_header_unsafe(self):
for policy in ['origin', 'origin-when-cross-origin', 'unsafe-url']:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_multiple_value_header_all_valid(self):
valid_but_unsafe_policies = ['origin-when-cross-origin, no-referrer, unsafe-url', # safe in the middle
'no-referrer, unsafe-url'] # safe at the beginning
for policy in valid_but_unsafe_policies:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_multiple_value_header_all_valid(self):
valid_but_unsafe_policies = ['origin-when-cross-origin, no-referrer, unsafe-url', # safe in the middle
'no-referrer, unsafe-url'] # safe at the beginning
for policy in valid_but_unsafe_policies:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-unsafe', result['result'])
self.assertFalse(result['pass'])
def test_header_private(self):
for policy in [
'no-referrer', 'same-origin', 'strict-origin',
'strict-origin-when-cross-origin'
]:
self.reqs['responses']['auto'].headers['Referrer-Policy'] = policy
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-private', result['result'])
self.assertTrue(result['pass'])
def test_missing(self):
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-not-implemented', result['result'])
self.assertTrue(result['pass'])
def test_missing(self):
result = referrer_policy(self.reqs)
self.assertEquals('referrer-policy-not-implemented', result['result'])
self.assertTrue(result['pass'])
