Html coop update

html/cross-origin-opener-policy/coep-navigate-popup.https.html

@@ -49,11 +49,12 @@
     const channel = title.replace(/ /g,"-");
     const navigateHost = site === "same-origin" ? SAME_ORIGIN : SAME_SITE;
     const navigateURL = `${navigateHost.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${variant.coop}&coep=${variant.coep}&channel=${channel}`;
-    const opener = site === "same-origin" ? variant.opener : false;
+    const opener = site === "same-origin" ? variant.opener : true;
 
     async_test(t => {
       // For each test we open a COOP: same-origin/COEP: require-corp document in a popup and then
-      // navigate that to either a same-origin or same-site document whose COOP and COEP are set as
+      // navigate that to either a same-origin or "same-site" (a historical value which today should
+      // be equivalent to "unsafe-none") document whose COOP and COEP are set as
       // per the top-most array. We then verify that this document has the correct opener for its
       // specific setup.
       url_test(t, `${SAME_ORIGIN.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=same-origin&coep=require-corp&navigate=${encodeURIComponent(navigateURL)}`, channel, opener);

html/cross-origin-opener-policy/coep.https.html

@@ -35,10 +35,10 @@
     coop_coep_test(t, SAME_ORIGIN, variant.coop, variant.coep, variant.title.replace(/ /g,"-"), variant.opener);
   }, `Same-origin ${variant.title}`);
 
-  // This seems useful to test, CROSS_SITE is probably too redundant though.
+  // "same-site" is a historical value and should be interpreted as "unsafe-none"
   async_test(t => {
-    coop_coep_test(t, SAME_SITE, variant.coop, variant.coep, `same-site-${variant.title.replace(/ /g,"-")}`, false);
-  }, `Same-site ${variant.title}`);
+    coop_coep_test(t, SAME_SITE, variant.coop, variant.coep, `same-site-${variant.title.replace(/ /g,"-")}`, true);
+  }, `historical: "same-site" ${variant.title}`);
 });
 
 test(() => {

html/cross-origin-opener-policy/coop-navigated-popup.https.html

@@ -1,7 +1,7 @@
 <!doctype html>
 <title>Cross-Origin-Opener-Policy: a navigated popup</title>
 <!-- In particular this is different from coep-navigate-popup.https.html as this document initiates
-     the navigation (and uses unsafe-allow-outgoing and no COEP as without that it cannot be
+     the navigation (and uses same-origin-allow-popups and no COEP as without that it cannot be
      observed). COOP should work identically, but implementations might have used the wrong
      authority. -->
 <script src=/resources/testharness.js></script>

html/cross-origin-opener-policy/coop-navigated-popup.https.html.headers

@@ -1 +1 @@
-Cross-Origin-Opener-Policy: same-origin unsafe-allow-outgoing
+Cross-Origin-Opener-Policy: same-origin-allow-popups

html/cross-origin-opener-policy/historical/popup-same-origin-unsafe-allow-outgoing.https.html

@@ -0,0 +1,43 @@
+<!doctype html>
+<meta charset=utf-8>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="../resources/common.js"></script>
+
+<div id=log></div>
+<script>
+
+let tests = [
+  // popup Origin, popup COOP, expect opener
+  [SAME_ORIGIN, "", true],
+  [SAME_ORIGIN, "unsafe-none", true],
+  [SAME_ORIGIN, "jibberish", true],
+  [SAME_ORIGIN, "same-site", true], // historical value
+  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin", false],
+  [SAME_ORIGIN, "same-origin-allow-popups", false],
+
+  [SAME_SITE, "", true],
+  [SAME_SITE, "unsafe-none", true],
+  [SAME_SITE, "jibberish", true],
+  [SAME_SITE, "same-site", true], // historical value
+  [SAME_SITE, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin", false],
+  [SAME_SITE, "same-origin-allow-popups", false],
+
+  [CROSS_ORIGIN, "", true],
+  [CROSS_ORIGIN, "unsafe-none", true],
+  [CROSS_ORIGIN, "jibberish", true],
+  [CROSS_ORIGIN, "same-site", true], // historical value
+  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin", false],
+  [CROSS_ORIGIN, "same-origin-allow-popups", false],
+];
+
+run_coop_tests("same-origin unsafe-allow-outgoing", tests);
+
+</script>

html/cross-origin-opener-policy/historical/popup-same-site-unsafe-allow-outgoing.https.html

@@ -0,0 +1,43 @@
+<!doctype html>
+<meta charset=utf-8>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="../resources/common.js"></script>
+
+<div id=log></div>
+<script>
+
+let tests = [
+  // popup Origin, popup COOP, expect opener
+  [SAME_ORIGIN, "", true],
+  [SAME_ORIGIN, "unsafe-none", true],
+  [SAME_ORIGIN, "jibberish", true],
+  [SAME_ORIGIN, "same-site", true], // historical value
+  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin", false],
+  [SAME_ORIGIN, "same-origin-allow-popups", false],
+
+  [SAME_SITE, "", true],
+  [SAME_SITE, "unsafe-none", true],
+  [SAME_SITE, "jibberish", true],
+  [SAME_SITE, "same-site", true], // historical value
+  [SAME_SITE, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin", false],
+  [SAME_SITE, "same-origin-allow-popups", false],
+
+  [CROSS_ORIGIN, "", true],
+  [CROSS_ORIGIN, "unsafe-none", true],
+  [CROSS_ORIGIN, "jibberish", true],
+  [CROSS_ORIGIN, "same-site", true], // historical value
+  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin", false],
+  [CROSS_ORIGIN, "same-origin-allow-popups", false],
+];
+
+run_coop_tests("same-site unsafe-allow-outgoing", tests);
+
+</script>

html/cross-origin-opener-policy/historical/popup-same-site.https.html

@@ -0,0 +1,43 @@
+<!doctype html>
+<meta charset=utf-8>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="../resources/common.js"></script>
+
+<div id=log></div>
+<script>
+
+let tests = [
+  // popup Origin, popup COOP, expect opener
+  [SAME_ORIGIN, "", true],
+  [SAME_ORIGIN, "unsafe-none", true],
+  [SAME_ORIGIN, "jibberish", true],
+  [SAME_ORIGIN, "same-site", true], // historical value
+  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin", false],
+  [SAME_ORIGIN, "same-origin-allow-popups", false],
+
+  [SAME_SITE, "", true],
+  [SAME_SITE, "unsafe-none", true],
+  [SAME_SITE, "jibberish", true],
+  [SAME_SITE, "same-site", true], // historical value
+  [SAME_SITE, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin", false],
+  [SAME_SITE, "same-origin-allow-popups", false],
+
+  [CROSS_ORIGIN, "", true],
+  [CROSS_ORIGIN, "unsafe-none", true],
+  [CROSS_ORIGIN, "jibberish", true],
+  [CROSS_ORIGIN, "same-site", true], // historical value
+  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin", false],
+  [CROSS_ORIGIN, "same-origin-allow-popups", false],
+];
+
+run_coop_tests("same-site", tests);
+
+</script>

html/cross-origin-opener-policy/popup-same-origin-allow-popups.https.html

@@ -0,0 +1,43 @@
+<!doctype html>
+<meta charset=utf-8>
+<script src=/resources/testharness.js></script>
+<script src=/resources/testharnessreport.js></script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="resources/common.js"></script>
+
+<div id=log></div>
+<script>
+
+let tests = [
+  // popup Origin, popup COOP, expect opener
+  [SAME_ORIGIN, "", true],
+  [SAME_ORIGIN, "unsafe-none", true],
+  [SAME_ORIGIN, "jibberish", true],
+  [SAME_ORIGIN, "same-site", true], // historical value
+  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_ORIGIN, "same-origin", false],
+  [SAME_ORIGIN, "same-origin-allow-popups", true],
+
+  [SAME_SITE, "", true],
+  [SAME_SITE, "unsafe-none", true],
+  [SAME_SITE, "jibberish", true],
+  [SAME_SITE, "same-site", true], // historical value
+  [SAME_SITE, "same-site unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin unsafe-allow-outgoing", true], // historical value
+  [SAME_SITE, "same-origin", false],
+  [SAME_SITE, "same-origin-allow-popups", false],
+
+  [CROSS_ORIGIN, "", true],
+  [CROSS_ORIGIN, "unsafe-none", true],
+  [CROSS_ORIGIN, "jibberish", true],
+  [CROSS_ORIGIN, "same-site", true], // historical value
+  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", true], // historical value
+  [CROSS_ORIGIN, "same-origin", false],
+  [CROSS_ORIGIN, "same-origin-allow-popups", false],
+];
+
+run_coop_tests("same-origin-allow-popups", tests);
+
+</script>

html/cross-origin-opener-policy/popup-same-origin-allow-popups.https.html.headers

@@ -0,0 +1 @@
+Cross-Origin-Opener-Policy: same-origin-allow-popups

html/cross-origin-opener-policy/popup-same-origin.https.html

@@ -11,25 +11,31 @@
 let tests = [
   // popup Origin, popup COOP, expect opener
   [SAME_ORIGIN, "", false],
+  [SAME_ORIGIN, "unsafe-none", false],
   [SAME_ORIGIN, "jibberish", false],
-  [SAME_ORIGIN, "same-site", false],
-  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", false],
+  [SAME_ORIGIN, "same-site", false], // historical value
+  [SAME_ORIGIN, "same-site unsafe-allow-outgoing", false], // historical value
+  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", false], // historical value
   [SAME_ORIGIN, "same-origin", true],
-  [SAME_ORIGIN, "same-origin unsafe-allow-outgoing", false],
+  [SAME_ORIGIN, "same-origin-allow-popups", false],
 
   [SAME_SITE, "", false],
+  [SAME_SITE, "unsafe-none", false],
   [SAME_SITE, "jibberish", false],
-  [SAME_SITE, "same-site", false],
-  [SAME_SITE, "same-site unsafe-allow-outgoing", false],
+  [SAME_SITE, "same-site", false], // historical value
+  [SAME_SITE, "same-site unsafe-allow-outgoing", false], // historical value
+  [SAME_SITE, "same-origin unsafe-allow-outgoing", false], // historical value
   [SAME_SITE, "same-origin", false],
-  [SAME_SITE, "same-origin unsafe-allow-outgoing", false],
+  [SAME_SITE, "same-origin-allow-popups", false],
 
   [CROSS_ORIGIN, "", false],
+  [CROSS_ORIGIN, "unsafe-none", false],
   [CROSS_ORIGIN, "jibberish", false],
-  [CROSS_ORIGIN, "same-site", false],
-  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", false],
+  [CROSS_ORIGIN, "same-site", false], // historical value
+  [CROSS_ORIGIN, "same-site unsafe-allow-outgoing", false], // historical value
+  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", false], // historical value
   [CROSS_ORIGIN, "same-origin", false],
-  [CROSS_ORIGIN, "same-origin unsafe-allow-outgoing", false],
+  [CROSS_ORIGIN, "same-origin-allow-popups", false],
 ];
 
 run_coop_tests("same-origin", tests);