From d73e63c437344813e65d689f9ae5c6285a3c5422 Mon Sep 17 00:00:00 2001
From: Andrew Paseltiner <apaseltiner@chromium.org>
Date: Fri, 10 May 2024 04:54:42 -0700
Subject: [PATCH] Revert "Use resource-level referrer policy for attributionsrc
 requests"

This reverts commit 4c4802b8681c23f09e62c1fb82ed2c00a65d12a6.

Reason for revert: Getting approvals on the revert in case launch approvals are not received in time.

Original change's description:
> Use resource-level referrer policy for attributionsrc requests
>
> For <img> and <script> the attributionsrc request's referrer policy now
> matches the subresource's policy, rather than the document-level
> default.
>
> For <a> and window.open, the attribution src request's referrer policy
> now matches that of the navigation, rather than the per-request default.
>
> https://github.com/WICG/attribution-reporting-api/issues/382
> https://github.com/WICG/attribution-reporting-api/pull/1254
>
> Change-Id: I763c055aef45fc17d41a3ba29b4f6ebfe24646cf
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5463164
> Reviewed-by: Dominic Farolino <dom@chromium.org>
> Reviewed-by: Nan Lin <linnan@chromium.org>
> Commit-Queue: Andrew Paseltiner <apaseltiner@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1294868}

Change-Id: I0b25937972ce74dc7519da5f2a6a2664d7ff6134
---
 .../referrer-policy.sub.https.html            | 56 -------------------
 .../request-format.sub.https.html             |  2 +
 attribution-reporting/resources/helpers.js    | 12 ++--
 3 files changed, 6 insertions(+), 64 deletions(-)
 delete mode 100644 attribution-reporting/referrer-policy.sub.https.html

diff --git a/attribution-reporting/referrer-policy.sub.https.html b/attribution-reporting/referrer-policy.sub.https.html
deleted file mode 100644
index ee4e0c9a8c1e54..00000000000000
--- a/attribution-reporting/referrer-policy.sub.https.html
+++ /dev/null
@@ -1,56 +0,0 @@
-<!doctype html>
-<meta charset=utf-8>
-<meta name=timeout content=long>
-<meta name=variant content="?method=a">
-<meta name=variant content="?method=a&noreferrer">
-<meta name=variant content="?method=img">
-<meta name=variant content="?method=img&noreferrer">
-<meta name=variant content="?method=open">
-<meta name=variant content="?method=open&noreferrer">
-<meta name=variant content="?method=script">
-<meta name=variant content="?method=script&noreferrer">
-<script src="/resources/testdriver.js"></script>
-<script src="/resources/testdriver-vendor.js"></script>
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-<script src="resources/helpers.js"></script>
-<body>
-<script>
-const waitForRequest = async () => {
-  const url = blankURL();
-  url.searchParams.set('get-requests', 'true');
-
-  for (let i = 0; i < 20; i++) {
-    const resp = await fetch(url);
-    const payload = await resp.json();
-    if (payload !== null && payload.length > 0) {
-      return payload;
-    }
-    await delay(100);
-  }
-  throw new Error('Timeout polling requests');
-};
-
-const searchParams = new URLSearchParams(location.search);
-
-promise_test(async t => {
-  const noreferrer = searchParams.has('noreferrer');
-
-  await registerAttributionSrc({
-    method: 'variant',
-    extraQueryParams: {'store-request': 'true'},
-    referrerPolicy: noreferrer ? 'no-referrer' : '',
-  });
-
-  const requests = await waitForRequest();
-  assert_equals(requests.length, 1);
-
-  if (noreferrer) {
-    assert_not_own_property(requests[0], 'referer');
-  } else {
-    assert_own_property(requests[0], 'referer');
-    assert_equals(requests[0].referer, location.toString());
-  }
-
-}, 'attributionsrc referrer policy is propagated.');
-</script>
diff --git a/attribution-reporting/request-format.sub.https.html b/attribution-reporting/request-format.sub.https.html
index 83a2d8f6bdfe78..a9e36dd126771f 100644
--- a/attribution-reporting/request-format.sub.https.html
+++ b/attribution-reporting/request-format.sub.https.html
@@ -53,7 +53,9 @@
   } else {
     assert_not_own_property(requests[0], 'attribution-reporting-eligible');
   }
+  assert_equals(requests[0].referer, location.toString());
 
+  // TODO(apaseltiner): Test various referrer policies.
   // TODO(apaseltiner): Test cookie propagation.
 
   const expectedURL = blankURL();
diff --git a/attribution-reporting/resources/helpers.js b/attribution-reporting/resources/helpers.js
index 054df6b97295a5..e5c749931e03c2 100644
--- a/attribution-reporting/resources/helpers.js
+++ b/attribution-reporting/resources/helpers.js
@@ -171,7 +171,6 @@ const registerAttributionSrc = async ({
   extraQueryParams = {},
   reportingOrigin,
   extraHeaders = [],
-  referrerPolicy = '',
 }) => {
   const searchParams = new URLSearchParams(location.search);
 
@@ -202,6 +201,7 @@ const registerAttributionSrc = async ({
     headers.push({name, value: cookie});
   }
 
+
   let credentials;
   if (method === 'fetch') {
     const params = getFetchParams(reportingOrigin, cookie);
@@ -219,7 +219,6 @@ const registerAttributionSrc = async ({
   switch (method) {
     case 'img':
       const img = document.createElement('img');
-      img.referrerPolicy = referrerPolicy;
       if (eligible === null) {
         img.attributionSrc = url;
       } else {
@@ -237,7 +236,6 @@ const registerAttributionSrc = async ({
       return 'event';
     case 'script':
       const script = document.createElement('script');
-      script.referrerPolicy = referrerPolicy;
       if (eligible === null) {
         script.attributionSrc = url;
       } else {
@@ -251,7 +249,6 @@ const registerAttributionSrc = async ({
       return 'event';
     case 'a':
       const a = document.createElement('a');
-      a.referrerPolicy = referrerPolicy;
       a.target = '_blank';
       a.textContent = 'link';
       if (eligible === null) {
@@ -266,13 +263,12 @@ const registerAttributionSrc = async ({
       return 'navigation';
     case 'open':
       await test_driver.bless('open window', () => {
-        const feature = referrerPolicy === 'no-referrer' ? 'noreferrer' : '';
         if (eligible === null) {
           open(
               blankURL(), '_blank',
-              `attributionsrc=${encodeURIComponent(url)} ${feature}`);
+              `attributionsrc=${encodeURIComponent(url)}`);
         } else {
-          open(url, '_blank', `attributionsrc ${feature}`);
+          open(url, '_blank', 'attributionsrc');
         }
       });
       return 'navigation';
@@ -281,7 +277,7 @@ const registerAttributionSrc = async ({
       if (eligible !== null) {
         attributionReporting = JSON.parse(eligible);
       }
-      await fetch(url, {credentials, attributionReporting, referrerPolicy});
+      await fetch(url, {credentials, attributionReporting});
       return 'event';
     }
     case 'xhr':