tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

browser_origin_trial_coep_credentialless_worker.js (4299B)

      1 const TOP_LEVEL_URL =
      2  getRootDirectory(gTestPath).replace(
      3    "chrome://mochitests/content",
      4    "https://example.com"
      5  ) + "open_credentialless_document.sjs";
      6 
      7 const WORKER_URL =
      8  getRootDirectory(gTestPath).replace(
      9    "chrome://mochitests/content",
     10    "https://example.com"
     11  ) + "credentialless_worker.sjs";
     12 
     13 const GET_STATE_URL =
     14  getRootDirectory(gTestPath).replace(
     15    "chrome://mochitests/content",
     16    "https://example.com"
     17  ) + "store_header.sjs?getstate";
     18 
     19 const SAME_ORIGIN = "https://example.com";
     20 const CROSS_ORIGIN = "https://test1.example.com";
     21 
     22 const WORKER_USES_CREDENTIALLESS = "credentialless";
     23 const WORKER_NOT_USE_CREDENTIALLESS = "";
     24 
     25 async function addCookieToOrigin(origin) {
     26  const fetchRequestURL =
     27    getRootDirectory(gTestPath).replace("chrome://mochitests/content", origin) +
     28    "store_header.sjs?addcookie";
     29 
     30  const addcookieTab = await BrowserTestUtils.openNewForegroundTab(
     31    gBrowser,
     32    fetchRequestURL
     33  );
     34 
     35  await SpecialPowers.spawn(addcookieTab.linkedBrowser, [], async function () {
     36    content.document.cookie = "coep=credentialless; SameSite=None; Secure";
     37  });
     38  await BrowserTestUtils.removeTab(addcookieTab);
     39 }
     40 
     41 async function testOrigin(
     42  fetchOrigin,
     43  isCredentialless,
     44  workerUsesCredentialless,
     45  expectedCookieResult
     46 ) {
     47  let topLevelUrl = TOP_LEVEL_URL;
     48  if (isCredentialless) {
     49    topLevelUrl += "?credentialless";
     50  }
     51  const noCredentiallessTab = await BrowserTestUtils.openNewForegroundTab(
     52    gBrowser,
     53    topLevelUrl
     54  );
     55 
     56  const fetchRequestURL =
     57    getRootDirectory(gTestPath).replace(
     58      "chrome://mochitests/content",
     59      fetchOrigin
     60    ) + "store_header.sjs?checkheader";
     61 
     62  let workerScriptURL = WORKER_URL + "?" + workerUsesCredentialless;
     63 
     64  await SpecialPowers.spawn(
     65    noCredentiallessTab.linkedBrowser,
     66    [fetchRequestURL, GET_STATE_URL, workerScriptURL, expectedCookieResult],
     67    async function (
     68      fetchRequestURL,
     69      getStateURL,
     70      workerScriptURL,
     71      expectedCookieResult
     72    ) {
     73      const worker = new content.Worker(workerScriptURL, {});
     74 
     75      // When the worker receives this message, it'll send
     76      // a fetch request to fetchRequestURL, and fetchRequestURL
     77      // will store whether it has received the cookie as a
     78      // shared state.
     79      worker.postMessage(fetchRequestURL);
     80 
     81      if (expectedCookieResult == "error") {
     82        await new Promise(r => {
     83          worker.onerror = function () {
     84            ok(true, "worker has error");
     85            r();
     86          };
     87        });
     88      } else {
     89        await new Promise(r => {
     90          worker.addEventListener("message", async function () {
     91            // This request is used to get the saved state from the
     92            // previous fetch request.
     93            const response = await content.fetch(getStateURL, {
     94              mode: "cors",
     95            });
     96            const text = await response.text();
     97            is(text, expectedCookieResult);
     98            r();
     99          });
    100        });
    101      }
    102    }
    103  );
    104  await BrowserTestUtils.removeTab(noCredentiallessTab);
    105 }
    106 
    107 async function dedicatedWorkerTest(
    108  origin,
    109  workerCOEP,
    110  expectedCookieResultForNoCredentialless,
    111  expectedCookieResultForCredentialless
    112 ) {
    113  await testOrigin(
    114    origin,
    115    false,
    116    workerCOEP,
    117    expectedCookieResultForNoCredentialless
    118  );
    119  await testOrigin(
    120    origin,
    121    true,
    122    workerCOEP,
    123    expectedCookieResultForCredentialless
    124  );
    125 }
    126 
    127 add_task(async function () {
    128  await SpecialPowers.pushPrefEnv({
    129    set: [
    130      ["browser.tabs.remote.coep.credentialless", false], // Explicitly set credentialless to false because we want to test origin trial
    131      ["dom.origin-trials.enabled", true],
    132      ["dom.origin-trials.test-key.enabled", true],
    133    ],
    134  });
    135 
    136  await addCookieToOrigin(SAME_ORIGIN);
    137  await addCookieToOrigin(CROSS_ORIGIN);
    138 
    139  await dedicatedWorkerTest(
    140    SAME_ORIGIN,
    141    WORKER_NOT_USE_CREDENTIALLESS,
    142    "hasCookie",
    143    "error"
    144  );
    145  await dedicatedWorkerTest(
    146    SAME_ORIGIN,
    147    WORKER_USES_CREDENTIALLESS,
    148    "hasCookie",
    149    "hasCookie"
    150  );
    151 
    152  await dedicatedWorkerTest(
    153    CROSS_ORIGIN,
    154    WORKER_NOT_USE_CREDENTIALLESS,
    155    "hasCookie",
    156    "error"
    157  );
    158  await dedicatedWorkerTest(
    159    CROSS_ORIGIN,
    160    WORKER_USES_CREDENTIALLESS,
    161    "noCookie",
    162    "noCookie"
    163  );
    164 });