
file_same_site_cookies_subrequest.sjs (2217B)


// Custom *.sjs file specifically for the needs of Bug 1286861
// (same-site cookie support). It is a server-side test fixture: the
// constants below are the two response bodies it can serve.

// Small red PNG, kept inline as base64 so the fixture needs no extra file.
// atob() yields a binary string that is written out as the image body.
const IMG_BYTES = atob(
  [
    "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12",
    "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==",
  ].join("")
);

// Document served for ?loadFrame. Its only job is to trigger an image
// subrequest to this same script with ?checkCookie, so the server can see
// which cookies the browser attaches to that subrequest.
const FRAME = `
  <!DOCTYPE html>
  <html>
  <head>
    <title>Bug 1286861 - Add support for same site cookies</title>
  </head>
  <body>
    <img src = "http://mochi.test:8888/tests/dom/security/test/general/file_same_site_cookies_subrequest.sjs?checkCookie">
  </body>
  </html>`;
     19 
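/**
 * Server-side handler for the same-site cookie subrequest test (Bug 1286861).
 *
 * The action is selected by substring match on the query string; the first
 * matching branch wins:
 *   setStrictSameSiteCookie - sets myKey with samesite=strict, returns the image
 *   setLaxSameSiteCookie    - sets myKey with samesite=lax, returns the image
 *   queryresult             - parks this response until checkCookie reports
 *   loadFrame               - returns FRAME, whose <img> requests ?checkCookie
 *   checkCookie             - returns the image and reports the Cookie header
 *                             it received (or "myKey=noCookie") through the
 *                             parked response
 *
 * @param request  request object supplied by the test HTTP server
 * @param response response object supplied by the test HTTP server
 */
function handleRequest(request, response) {
  const query = request.queryString;

  const sendImage = () => {
    response.setHeader("Content-Type", "image/png");
    response.write(IMG_BYTES);
  };

  // avoid confusing cache behaviors
  response.setHeader("Cache-Control", "no-cache", false);

  // Strict: the browser is expected to withhold this cookie from
  // cross-site requests, including the image subrequest made by FRAME.
  if (query.includes("setStrictSameSiteCookie")) {
    response.setHeader(
      "Set-Cookie",
      "myKey=strictSameSiteCookie; samesite=strict",
      true
    );
    sendImage();
    return;
  }

  // Lax: likewise expected to be withheld from cross-site subrequests
  // (it differs from Strict on top-level navigations).
  if (query.includes("setLaxSameSiteCookie")) {
    response.setHeader(
      "Set-Cookie",
      "myKey=laxSameSiteCookie; samesite=lax",
      true
    );
    sendImage();
    return;
  }

  // save the object state of the initial request, which returns
  // async once the server has processed the img request.
  if (query.includes("queryresult")) {
    response.processAsync();
    setObjectState("queryResult", response);
    return;
  }

  if (query.includes("loadFrame")) {
    response.write(FRAME);
    return;
  }

  if (query.includes("checkCookie")) {
    // The Cookie header is echoed back verbatim so the test can compare it;
    // that is acceptable only because this handler is a test fixture.
    const cookie = request.hasHeader("Cookie")
      ? request.getHeader("Cookie")
      : "myKey=noCookie";
    sendImage();

    // return the result
    getObjectState("queryResult", function (queryResponse) {
      if (!queryResponse) {
        return;
      }
      queryResponse.write(cookie);
      queryResponse.finish();
      // Drop the parked response so a later checkCookie request cannot
      // write to, or finish, a response that has already been completed.
      setObjectState("queryResult", null);
    });
    return;
  }

  // we should never get here, but just in case return something unexpected
  response.write("D'oh");
}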