jamlee-t
diff --git a/‎third_party/blink/web_tests/external/wpt/common/security-features/tools/util.py
Lines changed: 13 additions & 1 deletion b/‎third_party/blink/web_tests/external/wpt/common/security-features/tools/util.py
Lines changed: 13 additions & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/a-tag.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/a-tag.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/fetch.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/fetch.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/iframe-tag.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/iframe-tag.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/img-tag.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/img-tag.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/script-tag.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/script-tag.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/sharedworker-classic.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/sharedworker-classic.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/sharedworker-module.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/sharedworker-module.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/worker-classic.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/worker-classic.http.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/worker-module.http.html
Lines changed: 1 addition & 1 deletion b/‎third_party/blink/web_tests/external/wpt/referrer-policy/gen/iframe.http-rp/no-referrer-when-downgrade/worker-module.http.html
Lines changed: 1 addition & 1 deletion
@@ -149,7 +149,19 @@ def to_json(self):
     def get_another_policy(self, delivery_type):
         # type: (str) -> PolicyDelivery
         if self.key == 'referrerPolicy':
-            if self.value == 'no-referrer':
+            # Return 'unsafe-url' (i.e. more unsafe policy than `self.value`)
+            # as long as possible, to make sure the tests to fail if the
+            # returned policy is used unexpectedly instead of `self.value`.
+            # Using safer policy wouldn't be distinguishable from acceptable
+            # arbitrary policy enforcement by user agents, as specified at
+            # Step 7 of
+            # https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer:
+            # "The user agent MAY alter referrerURL or referrerOrigin at this
+            # point to enforce arbitrary policy considerations in the
+            # interests of minimizing data leakage."
+            # See also the comments at `referrerUrlResolver` in
+            # `wpt/referrer-policy/generic/test-case.sub.js`.
+            if self.value != 'unsafe-url':
                 return PolicyDelivery(delivery_type, self.key, 'unsafe-url')
             else:
                 return PolicyDelivery(delivery_type, self.key, 'no-referrer')
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>
 
@@ -4,7 +4,7 @@
   <head>
     <meta charset="utf-8">
     <meta name="timeout" content="long">
-    <meta name="referrer" content="no-referrer">
+    <meta name="referrer" content="unsafe-url">
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
     <script src="/common/security-features/resources/common.sub.js"></script>