file_iframe_sandbox_b_if3.html (3033B)


      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4  <meta charset="utf-8">
      5  <title>Test for Bug 341604</title>
      6  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
      7 </head>
      8 <script>
      /**
       * Report one check result to the embedding test page.
       *
       * This document is loaded in an iframe sandboxed without
       * 'allow-same-origin', so it has a unique origin and cannot call into its
       * parent directly; results travel through postMessage instead. The
       * wildcard target origin is tolerable here only because the payload is a
       * pass/fail flag plus a description with nothing sensitive in it — code
       * that posts real data should name the expected parent origin.
       *
       * @param {boolean} result  whether the check passed
       * @param {string}  message description the parent harness displays
       */
      function ok(result, message) {
        var report = { ok: result, desc: message };
        window.parent.postMessage(report, "*");
      }
     12 
      /**
       * Exercise XMLHttpRequest from a document sandboxed without
       * 'allow-same-origin' and report each outcome through ok().
       *
       * Three requests are issued: a relative URL (expected to be blocked,
       * observed as status 0), a blob URL minted by this document (expected to
       * succeed with the blob's contents), and a data URL (expected to succeed).
       * Each completion is reported once; a synchronous send() failure on the
       * blob or data request is reported as a failure rather than thrown.
       */
      function testXHR() {
        // A request has completed once readyState reaches DONE (4).
        function finished(request) {
          return request.readyState == 4;
        }

        // Relative URL: the unique origin has no access to the test server.
        var sameServerRequest = new XMLHttpRequest();
        sameServerRequest.open("GET", "file_iframe_sandbox_b_if1.html");
        sameServerRequest.onreadystatechange = function () {
          if (!finished(sameServerRequest)) {
            return;
          }
          var blocked = sameServerRequest.status == 0;
          ok(blocked, "XHR should be blocked in an iframe sandboxed WITHOUT 'allow-same-origin'");
        };
        sameServerRequest.send(null);

        // Blob URL: created here, so it carries this document's unique origin.
        var payload = new Blob(["wibble"], {type: "text/plain"});
        var blobRequest = new XMLHttpRequest();
        blobRequest.open("GET", URL.createObjectURL(payload));
        blobRequest.onreadystatechange = function () {
          if (finished(this)) {
            var served = this.status == 200 && this.response == "wibble";
            ok(served, "XHR for a blob URL created in this document should NOT be blocked in an iframe sandboxed WITHOUT 'allow-same-origin'");
          }
        };
        try {
          blobRequest.send();
        } catch(e) {
          ok(false, "failed to send XHR for blob URL: error: " + e);
        }

        // Data URL: inherits the loader's origin, so it is reachable as well.
        var dataRequest = new XMLHttpRequest();
        dataRequest.open("GET", "data:text/html,wibble");
        dataRequest.onreadystatechange = function () {
          if (finished(this)) {
            var served = this.status == 200 && this.response == "wibble";
            ok(served, "XHR for a data URL should NOT be blocked in an iframe sandboxed WITHOUT 'allow-same-origin'");
          }
        };
        try {
          dataRequest.send();
        } catch(e) {
          ok(false, "failed to send XHR for data URL: error: " + e);
        }
      }
     57 
      /**
       * Entry point run on load: probe the restrictions that a sandbox without
       * 'allow-same-origin' imposes, then hand off to testXHR().
       *
       * The parent-access probe reports in both outcomes. The storage probes
       * report only from their catch path, so a getter that unexpectedly
       * succeeds produces no message — the parent harness is left to notice
       * the missing result.
       */
      function doStuff() {
        // Reaching into the parent's script scope must fail across the origin
        // boundary; if it does not, the parent's own ok() records the failure.
        var parentAccessMessage = "documents sandboxed without 'allow-same-origin' should NOT be able to access their parent";
        try {
          window.parent.ok(false, parentAccessMessage);
        } catch (error) {
          ok(true, parentAccessMessage);
        }

        // Origin-bound storage APIs should be unavailable; each getter is
        // expected to throw. Probed in this order: cookie, localStorage,
        // sessionStorage.
        var restrictedGetters = [
          [function () { return document.cookie; },
           "a document sandboxed without allow-same-origin should NOT be able to access document.cookie"],
          [function () { return window.localStorage; },
           "a document sandboxed without allow-same-origin should NOT be able to access localStorage"],
          [function () { return window.sessionStorage; },
           "a document sandboxed without allow-same-origin should NOT be able to access sessionStorage"]
        ];
        restrictedGetters.forEach(function (entry) {
          try {
            entry[0]();
          } catch(error) {
            ok(true, entry[1]);
          }
        });

        testXHR();
      }
     88 </script>
     89 <body onLoad="doStuff()">
     90  I am sandboxed but with "allow-scripts"
     91 </body>
     92 </html>