tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

file_break_endless_upgrade_downgrade_loop.sjs (2077B)

      1 // Custom *.sjs file specifically for the needs of Bug 1691888
      2 "use strict";
      3 
      4 const REDIRECT_META = `
      5   <html>
      6   <head>
      7     <meta http-equiv="refresh" content="0; url='http://example.com/tests/dom/security/test/https-only/file_break_endless_upgrade_downgrade_loop.sjs?test1'">
      8   </head>
      9   <body>
     10     META REDIRECT
     11   </body>
     12   </html>`;
     13 
     14 const REDIRECT_JS = `
     15   <html>
     16    <body>
     17      JS REDIRECT
     18      <script>
     19        let url= "http://example.com/tests/dom/security/test/https-only/file_break_endless_upgrade_downgrade_loop.sjs?test2";
     20        window.location = url;
     21      </script>
     22    </body>
     23    </html>`;
     24 
     25 const REDIRECT_302 =
     26   "http://example.com/tests/dom/security/test/https-only/file_break_endless_upgrade_downgrade_loop.sjs?test3";
     27 
     28 const REDIRECT_302_DIFFERENT_PATH =
     29   "http://example.com/tests/dom/security/test/https-only/file_break_endless_upgrade_downgrade_loop.sjs?verify";
     30 
     31 function handleRequest(request, response) {
     32   // avoid confusing cache behaviour
     33   response.setHeader("Cache-Control", "no-cache", false);
     34   response.setHeader("Content-Type", "text/html", false);
     35 
     36   // if the scheme is not https, meaning that the initial request did not
     37   // get upgraded, then we rather fall through and display unexpected content.
     38   if (request.scheme == "https") {
     39     let query = request.queryString;
     40 
     41     if (query == "test1") {
     42       response.write(REDIRECT_META);
     43       return;
     44     }
     45 
     46     if (query == "test2") {
     47       response.write(REDIRECT_JS);
     48       return;
     49     }
     50 
     51     if (query == "test3") {
     52       response.setStatusLine("1.1", 302, "Found");
     53       response.setHeader("Location", REDIRECT_302, false);
     54       return;
     55     }
     56 
     57     if (query == "test4") {
     58       response.setStatusLine("1.1", 302, "Found");
     59       response.setHeader("Location", REDIRECT_302_DIFFERENT_PATH, false);
     60       return;
     61     }
     62 
     63     if (query == "verify") {
     64       response.write("<html><body>OK :)</body></html>");
     65       return;
     66     }
     67   }
     68 
     69   // we should never get here, just in case,
     70   // let's return something unexpected
     71   response.write("<html><body>DO NOT DISPLAY THIS</body></html>");
     72 }