diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html
new file mode 100644
index 0000000000000..d43115dff6550
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html
@@ -0,0 +1,86 @@
+
+
+
Cross-Origin-Embedder-Policy-Report-Only header does not affect the actual behavior
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers
new file mode 100644
index 0000000000000..289659a41fdf4
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/report-only-require-corp.https.html.headers
@@ -0,0 +1 @@
+cross-origin-embedder-policy-report-only: require-corp
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html
new file mode 100644
index 0000000000000..3a0aebe49a7ba
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/reporting.https.html
@@ -0,0 +1,68 @@
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py
new file mode 100644
index 0000000000000..6af23e2a1be4f
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/report.py
@@ -0,0 +1,19 @@
+import json
+
+
+def main(request, response):
+ if request.method == 'OPTIONS':
+
+ response.headers.set('Access-Control-Allow-Origin', '*')
+ response.headers.set('Access-Control-Allow-Methods', 'POST')
+ response.headers.set('Access-Control-Allow-Headers', 'content-type')
+ return ''
+
+ url_dir = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
+ key = request.GET.first('key')
+ reports = request.server.stash.take(key, url_dir) or []
+ for report in json.loads(request.body):
+ reports.append(report)
+ request.server.stash.put(key, reports, url_dir)
+ response.headers.set('Access-Control-Allow-Origin', '*')
+ return 'done'
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py
new file mode 100644
index 0000000000000..73e0def86caed
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/stash-take.py
@@ -0,0 +1,9 @@
+from wptserve.handlers import json_handler
+
+
+@json_handler
+def main(request, response):
+ path = '/'.join(request.url_parts.path.split('/')[:-1]) + '/'
+ key = request.GET.first('key')
+ response.headers.set('Access-Control-Allow-Origin', '*')
+ return request.server.stash.take(key, path)
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html
new file mode 100644
index 0000000000000..4b029700e0e9a
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html
@@ -0,0 +1,35 @@
+
+
+
+
+
diff --git a/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers
new file mode 100644
index 0000000000000..00609991031ea
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-embedder-policy/resources/subresource-corp.html.sub.headers
@@ -0,0 +1,4 @@
+cache-control: no-store, no-cache
+report-to: { "group": "endpoint", "max_age": 3600, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?key={{GET[token1]}}" }] }, { "group": "report-only-endpoint", "max_age": 3600, "endpoints": [{ "url": "https://{{hosts[][www]}}:{{ports[https][0]}}/html/cross-origin-embedder-policy/resources/report.py?key={{GET[token2]}}" }] }
+cross-origin-embedder-policy: require-corp; report-to="endpoint"
+cross-origin-embedder-policy-report-only: require-corp; report-to="report-only-endpoint"