file_same_site_cookies_toplevel_nav.sjs (2426B)
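// Custom *.sjs file specifically for the needs of Bug 1286861
//
// Server-side half of a same-site cookie test for top-level navigations.
// The query string selects what the handler does:
//   ?setStrictSameSiteCookie / ?setLaxSameSiteCookie
//       set `myKey` with the matching SameSite attribute and serve a PNG
//   ?queryresult
//       park the response until a ?loadWin request reports its cookies
//   ?loadFrame
//       serve a page that calls window.open() on the ?loadWin URL
//   ?loadWin
//       serve a self-closing page and forward the Cookie header that came
//       with the request to the parked ?queryresult response
// Dispatch is a substring match on the query string, checked in the order
// above, so the first matching keyword wins.

// small red image
const IMG_BYTES = atob(
  "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
    "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg=="
);

// Page served for ?loadFrame: it opens a new window on the ?loadWin URL
// (hard-coded to http://mochi.test:8888).
const FRAME = `
<!DOCTYPE html>
<html>
<head>
  <title>Bug 1286861 - Add support for same site cookies</title>
</head>
<body>
<script type="application/javascript">
  let myWin = window.open("http://mochi.test:8888/tests/dom/security/test/general/file_same_site_cookies_toplevel_nav.sjs?loadWin");
</script>
</body>
</html>`;

// Page served for ?loadWin: closes itself as soon as it has loaded.
const WIN = `
<!DOCTYPE html>
<html>
<body>
just a dummy window
<script>
window.addEventListener("load",()=>{
  window.close();
});
</script>
</body>
</html>`;

/**
 * Sets one cookie on the response and sends the small PNG as the body.
 *
 * @param {object} response - response object passed to handleRequest
 * @param {string} cookie - complete Set-Cookie header value
 */
function respondWithCookieImage(response, cookie) {
  response.setHeader("Set-Cookie", cookie, true);
  response.setHeader("Content-Type", "image/png");
  response.write(IMG_BYTES);
}

/**
 * Entry point called for every request to this .sjs file.
 *
 * @param {object} request - provides queryString, hasHeader(), getHeader()
 * @param {object} response - provides setHeader(), write(), processAsync()
 *   and finish()
 */
function handleRequest(request, response) {
  // avoid confusing cache behaviors
  response.setHeader("Cache-Control", "no-cache", false);

  const query = request.queryString;

  if (query.includes("setStrictSameSiteCookie")) {
    respondWithCookieImage(
      response,
      "myKey=strictSameSiteCookie; samesite=strict"
    );
    return;
  }

  if (query.includes("setLaxSameSiteCookie")) {
    respondWithCookieImage(response, "myKey=laxSameSiteCookie; samesite=lax");
    return;
  }

  // save the object state of the initial request, which returns
  // async once the server has processed the ?loadWin request.
  if (query.includes("queryresult")) {
    response.processAsync();
    setObjectState("queryResult", response);
    return;
  }

  if (query.includes("loadFrame")) {
    response.write(FRAME);
    return;
  }

  if (query.includes("loadWin")) {
    // The raw Cookie header shows which cookies accompanied this navigation;
    // "myKey=noCookie" is reported when the request carried no Cookie header.
    const cookie = request.hasHeader("Cookie")
      ? request.getHeader("Cookie")
      : "myKey=noCookie";
    response.write(WIN);

    // return the result
    getObjectState("queryResult", function (queryResponse) {
      if (!queryResponse) {
        return;
      }
      // Release the parked response before answering it. Without this the
      // finished response stays in the server's object state, and a later
      // ?loadWin that arrives without a fresh ?queryresult would be handed
      // the already-finished response.
      setObjectState("queryResult", null);
      queryResponse.write(cookie);
      queryResponse.finish();
    });
    return;
  }

  // we should never get here, but just in case return something unexpected
  response.write("D'oh");
}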