1 files changed, 55 insertions, 0 deletions

diff --git a/dom/security/test/csp/file_referrerdirective.html b/dom/security/test/csp/file_referrerdirective.html
new file mode 100644
index 0000000000..841ffe0587
--- /dev/null
+++ b/dom/security/test/csp/file_referrerdirective.html
@@ -0,0 +1,55 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+<title>Subframe test for bug 965727</title>
+
+<script type="text/javascript">
+// we can get the ID out of the querystring.
+var args = document.location.search.substring(1).split('&');
+var id = "unknown";
+for (var i=0; i < args.length; i++) {
+  var arg = unescape(args[i]);
+  if (arg.indexOf('=') > 0 && arg.indexOf('id') == 0) {
+    id = arg.split('=')[1].trim();
+  }
+}
+
+var results = {
+  'id': id,
+  'referrer': document.location.href,
+  'results': {
+    'sameorigin': false,
+    'crossorigin': false,
+    'downgrade': false
+  }
+};
+
+// this is called back by each script load.
+var postResult = function(loadType, referrerLevel, referrer) {
+  results.results[loadType] = referrerLevel;
+
+  // and then check if all three have loaded.
+  for (var id in results.results) {
+    if (!results.results[id]) {
+      return;
+    }
+  }
+  //finished if we don't return early
+  window.parent.postMessage(JSON.stringify(results), "*");
+  console.log(JSON.stringify(results));
+}
+
+</script>
+</head>
+<body>
+Testing ...
+
+<script src="https://example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=sameorigin&"
+        onerror="postResult('sameorigin', 'error');"></script>
+<script src="https://test2.example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=crossorigin&"
+        onerror="postResult('crossorigin', 'error');"></script>
+<script src="http://example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=downgrade&"
+        onerror="postResult('downgrade', 'error');"></script>
+
+</body>
+</html>