tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

file_iframe_sandbox_g_if1.html (2062B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4  <meta charset="utf-8">
      5  <title>Test for Bug 341604</title>
      6  <script src="/tests/SimpleTest/EventUtils.js"></script>
      7  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
      8 </head>
      9 <script type="text/javascript">
     10  function ok(result, desc) {
     11    window.parent.postMessage({ok: result, desc}, "*");
     12  }
     13 
     14  function doStuff() {
     15    // test data URI
     16 
     17    // self.onmessage = function(event) {
     18    //   self.postMessage('make it so');
     19    // };
     20    var data_url = "data:text/plain;charset=utf-8;base64,c2VsZi5vbm1lc3NhZ2UgPSBmdW5jdGlvbihldmVudCkgeyAgDQogICAgc2VsZi5wb3N0TWVzc2FnZSgnbWFrZSBpdCBzbycpOyAgDQp9Ow==";
     21    var worker_data = new Worker(data_url);
     22    worker_data.addEventListener('message', function(event) {
     23      ok(true, "a worker in a sandboxed document should be able to be loaded from a data: URI");
     24    });
     25 
     26    worker_data.postMessage("engage!");
     27 
     28    // test a blob URI we created (will have the same null principal
     29    // as us
     30    var b = new Blob(["onmessage = function(event) { self.postMessage('make it so');};"]);
     31 
     32    var blobURL = URL.createObjectURL(b);
     33 
     34    var worker_blob = new Worker(blobURL);
     35 
     36    worker_blob.addEventListener('message', function(event) {
     37      ok(true, "a worker in a sandboxed document should be able to be loaded from a blob URI " +
     38         "created by that sandboxed document");
     39    });
     40 
     41    worker_blob.postMessage("engage!");
     42 
     43    // test loading with relative url - this should fail since we are
     44    // sandboxed and have a null principal
     45    var worker_js = new Worker('file_iframe_sandbox_worker.js');
     46    worker_js.onerror = function(error) {
     47      ok(true, "a worker in a sandboxed document should tell the load error via error event");
     48    }
     49 
     50    worker_js.addEventListener('message', function(event) {
     51      ok(false, "a worker in a sandboxed document should not be able to load from a relative URI");
     52    });
     53 
     54    worker_js.postMessage('engage');
     55  }
     56 </script>
     57 <body onload='doStuff();'>
     58  I am sandboxed but with "allow-scripts"
     59 </body>
     60 </html>