sandbox_corp_iframe.sjs (1499B)
1 /* Any copyright is dedicated to the Public Domain. 2 * http://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 "use strict"; 5 6 function decode(str) { 7 return decodeURIComponent(str.replace(/\+/g, encodeURIComponent(" "))); 8 } 9 10 function handleRequest(request, response) { 11 const queryString = request.queryString; 12 let params = queryString.split("&").reduce((memo, pair) => { 13 let [key, val] = pair.split("="); 14 if (!val) { 15 val = key; 16 key = "query"; 17 } 18 19 try { 20 memo[decode(key)] = decode(val); 21 } catch (e) { 22 memo[key] = val; 23 } 24 25 return memo; 26 }, {}); 27 28 response.setHeader("Content-Type", "text/html", false); 29 30 let destination = "dummy_page"; 31 32 switch (params.error) { 33 case "coop": { 34 destination = "sandbox_corp_popup"; 35 response.setHeader("Cross-Origin-Opener-Policy", "same-origin", false); 36 break; 37 } 38 case "coep": { 39 response.setHeader("Cross-Origin-Opener-Policy", "same-origin", false); 40 response.setHeader("Cross-Origin-Embedder-Policy", "require-corp", false); 41 break; 42 } 43 case "inner_coop": // Only called from popup.html 44 response.setHeader("Cross-Origin-Opener-Policy", "same-origin", false); 45 return; 46 default: 47 return; 48 } 49 50 let txt = `<html><body><iframe src="https://example.com/browser/browser/base/content/test/about/${destination}.html" width=100% height=100% sandbox="allow-popups allow-scripts allow-same-origin"></iframe></body></html>`; 51 response.write(txt); 52 }