Source code

Revision control

Other Tools

Test Info:

<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/common/get-host-info.sub.js"></script>
<script src="/common/utils.js"></script>
<script src="/common/dispatcher/dispatcher.js"></script>
Regression test for:
From a window using Cross-Origin-Opener-Policy:same-origin-allow-popup, open
a new blank window and navigate it cross-origin using document.write and a
meta refresh. The openee/opener relationship must hold.
const executor_path = '/common/dispatcher/executor.html?pipe=';
const coep_soap =
const same_origin = get_host_info().HTTPS_ORIGIN;
const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
promise_test(async t => {
// This window:
const this_window_token = token();
// The opener, using COEP:same-origin-allow-popups:
const opener_token = token();
const opener_url = same_origin + executor_path + coep_soap +
const opener =;
// Open a blank window, then use document.write and a meta refresh to navigate
// cross-origin.
const openee_token = token();
const openee_url = cross_origin + executor_path + `&uuid=${openee_token}`;
send(opener_token, `
openee =;
<meta http-equiv="refresh" content="0; url=${openee_url}">
// Check the openee is loaded without access to the opener.
send(openee_token, `
send("${this_window_token}", opener == null)
assert_equals(await receive(this_window_token), "true", "opener == null");
// To get the state of the openee reflected into the opener's process, waiting
// for the openee' document to load and the various fetch() with the
// dispatcher should be largely enough. However these aren't causal guarantee.
// So wait a bit to be sure:
await new Promise(r => t.step_timeout(r, 1000));
// Check the opener see the openee as 'closed' after the navigation.
send(opener_token, `
send("${this_window_token}", openee.closed)
assert_equals(await receive(this_window_token), "true", "openee.closed");