tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

file_CrossSiteXHR_inner_data.sjs (2878B)

      1 var data =
      2   '<!DOCTYPE HTML>\n\
      3 <html>\n\
      4 <head>\n\
      5 <script>\n\
      6 window.addEventListener("message", function(e) {\n\
      7 \n\
      8   sendData = null;\n\
      9 \n\
     10   req = JSON.parse(e.data);\n\
     11   var res = {\n\
     12     didFail: false,\n\
     13     events: [],\n\
     14     progressEvents: 0\n\
     15   };\n\
     16   \n\
     17   var xhr = new XMLHttpRequest();\n\
     18   for (type of ["load", "abort", "error", "loadstart", "loadend"]) {\n\
     19     xhr.addEventListener(type, function(e) {\n\
     20       res.events.push(e.type);\n\
     21     }, false);\n\
     22   }\n\
     23   xhr.addEventListener("readystatechange", function(e) {\n\
     24     res.events.push("rs" + xhr.readyState);\n\
     25   }, false);\n\
     26   xhr.addEventListener("progress", function(e) {\n\
     27     res.progressEvents++;\n\
     28   }, false);\n\
     29   if (req.uploadProgress) {\n\
     30     xhr.upload.addEventListener(req.uploadProgress, function(e) {\n\
     31       res.progressEvents++;\n\
     32     }, false);\n\
     33   }\n\
     34   xhr.onerror = function(e) {\n\
     35     res.didFail = true;\n\
     36   };\n\
     37   xhr.onloadend = function (event) {\n\
     38     res.status = xhr.status;\n\
     39     try {\n\
     40       res.statusText = xhr.statusText;\n\
     41     } catch (e) {\n\
     42       delete(res.statusText);\n\
     43     }\n\
     44     res.responseXML = xhr.responseXML ?\n\
     45       (new XMLSerializer()).serializeToString(xhr.responseXML) :\n\
     46       null;\n\
     47     res.responseText = xhr.responseText;\n\
     48 \n\
     49     res.responseHeaders = {};\n\
     50     for (responseHeader in req.responseHeaders) {\n\
     51       res.responseHeaders[responseHeader] =\n\
     52         xhr.getResponseHeader(responseHeader);\n\
     53     }\n\
     54     res.allResponseHeaders = {};\n\
     55     var splitHeaders = xhr.getAllResponseHeaders().split("\\r\\n");\n\
     56     for (var i = 0; i < splitHeaders.length; i++) {\n\
     57       var headerValuePair = splitHeaders[i].split(":");\n\
     58         if(headerValuePair[1] != null){\n\
     59           var headerName = trimString(headerValuePair[0]);\n\
     60           var headerValue = trimString(headerValuePair[1]); \n\
     61           res.allResponseHeaders[headerName] = headerValue;\n\
     62         }\n\
     63     }\n\
     64     post(e, res);\n\
     65   }\n\
     66 \n\
     67   if (req.withCred)\n\
     68     xhr.withCredentials = true;\n\
     69   if (req.body)\n\
     70     sendData = req.body;\n\
     71 \n\
     72   res.events.push("opening");\n\
     73   xhr.open(req.method, req.url, true);\n\
     74 \n\
     75   for (header in req.headers) {\n\
     76     xhr.setRequestHeader(header, req.headers[header]);\n\
     77   }\n\
     78 \n\
     79   res.events.push("sending");\n\
     80   xhr.send(sendData);\n\
     81 \n\
     82 }, false);\n\
     83 \n\
     84 function post(e, res) {\n\
     85   e.source.postMessage(JSON.stringify(res), "*");\n\
     86 }\n\
     87 function trimString(stringValue) {\n\
     88   return stringValue.replace("/^s+|s+$/g","");\n\
     89 };\n\
     90 \n\
     91 </script>\n\
     92 </head>\n\
     93 <body>\n\
     94 Inner page\n\
     95 </body>\n\
     96 </html>';
     97 
     98 function handleRequest(request, response) {
     99   response.setStatusLine(null, 302, "Follow me");
    100   response.setHeader("Location", "data:text/html," + escape(data));
    101   response.setHeader("Content-Type", "text/plain");
    102   response.write("Follow that guy!");
    103 }