tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

referrer_test_server.sjs (2798B)

      1 const SJS = "referrer_test_server.sjs?";
      2 const SHARED_KEY = SJS;
      3 
      4 var SAME_ORIGIN = "https://example.com/tests/dom/workers/test/" + SJS;
      5 var CROSS_ORIGIN = "https://test2.example.com/tests/dom/workers/test/" + SJS;
      6 var DOWNGRADE = "http://example.com/tests/dom/workers/test/" + SJS;
      7 
      8 function createUrl(aRequestType, aPolicy) {
      9   var searchParams = new URLSearchParams();
     10   searchParams.append("ACTION", "request-worker");
     11   searchParams.append("Referrer-Policy", aPolicy);
     12   searchParams.append("TYPE", aRequestType);
     13 
     14   var url = SAME_ORIGIN;
     15 
     16   if (aRequestType === "cross-origin") {
     17     url = CROSS_ORIGIN;
     18   } else if (aRequestType === "downgrade") {
     19     url = DOWNGRADE;
     20   }
     21 
     22   return url + searchParams.toString();
     23 }
     24 function createWorker(aRequestType, aPolicy) {
     25   return `
     26     onmessage = function() {
     27       fetch("${createUrl(aRequestType, aPolicy)}").then(function () {
     28         postMessage(42);
     29         close();
     30       });
     31     }
     32   `;
     33 }
     34 
     35 function handleRequest(request, response) {
     36   var params = new URLSearchParams(request.queryString);
     37   var policy = params.get("Referrer-Policy");
     38   var type = params.get("TYPE");
     39   var action = params.get("ACTION");
     40   response.setHeader("Content-Security-Policy", "default-src *", false);
     41   response.setHeader("Access-Control-Allow-Origin", "*", false);
     42 
     43   if (policy) {
     44     response.setHeader("Referrer-Policy", policy, false);
     45   }
     46 
     47   if (action === "test") {
     48     response.setHeader("Content-Type", "text/javascript", false);
     49     response.write(createWorker(type, policy));
     50     return;
     51   }
     52 
     53   if (action === "resetState") {
     54     setSharedState(SHARED_KEY, "{}");
     55     response.write("");
     56     return;
     57   }
     58 
     59   if (action === "get-test-results") {
     60     response.setHeader("Cache-Control", "no-cache", false);
     61     response.setHeader("Content-Type", "text/plain", false);
     62     response.write(getSharedState(SHARED_KEY));
     63     return;
     64   }
     65 
     66   if (action === "request-worker") {
     67     var result = getSharedState(SHARED_KEY);
     68     result = result ? JSON.parse(result) : {};
     69     var referrerLevel = "none";
     70     var test = {};
     71 
     72     if (request.hasHeader("Referer")) {
     73       var referrer = request.getHeader("Referer");
     74       if (referrer.indexOf("referrer_test_server") > 0) {
     75         referrerLevel = "full";
     76       } else if (referrer.indexOf("https://example.com") == 0) {
     77         referrerLevel = "origin";
     78       } else {
     79         // this is never supposed to happen
     80         referrerLevel = "other-origin";
     81       }
     82       test.referrer = referrer;
     83     } else {
     84       test.referrer = "";
     85     }
     86 
     87     test.policy = referrerLevel;
     88     test.expected = policy;
     89 
     90     // test id equals type + "-" + policy
     91     // Ex: same-origin-default
     92     result[type + "-" + policy] = test;
     93     setSharedState(SHARED_KEY, JSON.stringify(result));
     94 
     95     response.write("'hello world'");
     96   }
     97 }