tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

cookie.sjs (4312B)

      1 function handleRequest(aRequest, aResponse) {
      2   let parts = aRequest.queryString.split("&");
      3   if (parts.includes("window")) {
      4     aResponse.setStatusLine(aRequest.httpVersion, 200);
      5     aResponse.setHeader("Content-Type", "text/html");
      6     aResponse.setHeader("Clear-Site-Data", '"cache", "cookies", "storage"');
      7     aResponse.write("<body><h1>Welcome</h1></body>");
      8     return;
      9   }
     10 
     11   if (parts.includes("fetch")) {
     12     setState(
     13       "data",
     14       JSON.stringify({ type: "fetch", hasCookie: aRequest.hasHeader("Cookie") })
     15     );
     16     aResponse.write("Hello world!");
     17     return;
     18   }
     19 
     20   if (parts.includes("xhr")) {
     21     setState(
     22       "data",
     23       JSON.stringify({ type: "xhr", hasCookie: aRequest.hasHeader("Cookie") })
     24     );
     25     aResponse.write("Hello world!");
     26     return;
     27   }
     28 
     29   if (parts.includes("image")) {
     30     setState(
     31       "data",
     32       JSON.stringify({ type: "image", hasCookie: aRequest.hasHeader("Cookie") })
     33     );
     34 
     35     // A 1x1 PNG image.
     36     // Source: https://commons.wikimedia.org/wiki/File:1x1.png (Public Domain)
     37     const IMAGE = atob(
     38       "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAA" +
     39         "ACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII="
     40     );
     41 
     42     aResponse.setHeader("Content-Type", "image/png", false);
     43     aResponse.write(IMAGE);
     44     return;
     45   }
     46 
     47   if (parts.includes("script")) {
     48     setState(
     49       "data",
     50       JSON.stringify({
     51         type: "script",
     52         hasCookie: aRequest.hasHeader("Cookie"),
     53       })
     54     );
     55 
     56     aResponse.setHeader("Content-Type", "text/javascript", false);
     57     aResponse.write("window.scriptLoaded();");
     58     return;
     59   }
     60 
     61   if (parts.includes("worker")) {
     62     setState(
     63       "data",
     64       JSON.stringify({
     65         type: "worker",
     66         hasCookie: aRequest.hasHeader("Cookie"),
     67       })
     68     );
     69 
     70     function w() {
     71       onmessage = e => {
     72         if (e.data == "subworker") {
     73           importScripts("cookie.sjs?subworker&" + Math.random());
     74           postMessage(42);
     75           return;
     76         }
     77 
     78         if (e.data == "fetch") {
     79           fetch("cookie.sjs?fetch&" + Math.random())
     80             .then(r => r.text())
     81             .then(_ => postMessage(42));
     82           return;
     83         }
     84 
     85         if (e.data == "xhr") {
     86           let xhr = new XMLHttpRequest();
     87           xhr.open("GET", "cookie.sjs?xhr&" + Math.random());
     88           xhr.send();
     89           xhr.onload = _ => postMessage(42);
     90         }
     91       };
     92       postMessage(42);
     93     }
     94 
     95     aResponse.setHeader("Content-Type", "text/javascript", false);
     96     aResponse.write(w.toString() + "; w();");
     97     return;
     98   }
     99 
    100   if (parts.includes("subworker")) {
    101     setState(
    102       "data",
    103       JSON.stringify({
    104         type: "subworker",
    105         hasCookie: aRequest.hasHeader("Cookie"),
    106       })
    107     );
    108     aResponse.setHeader("Content-Type", "text/javascript", false);
    109     aResponse.write("42");
    110     return;
    111   }
    112 
    113   if (parts.includes("sharedworker")) {
    114     setState(
    115       "data",
    116       JSON.stringify({
    117         type: "sharedworker",
    118         hasCookie: aRequest.hasHeader("Cookie"),
    119       })
    120     );
    121 
    122     // This function is exported as a string.
    123     /* eslint-disable no-undef */
    124     function w() {
    125       onconnect = e => {
    126         e.ports[0].onmessage = evt => {
    127           if (evt.data == "subworker") {
    128             importScripts("cookie.sjs?subworker&" + Math.random());
    129             e.ports[0].postMessage(42);
    130             return;
    131           }
    132 
    133           if (evt.data == "fetch") {
    134             fetch("cookie.sjs?fetch&" + Math.random())
    135               .then(r => r.text())
    136               .then(_ => e.ports[0].postMessage(42));
    137             return;
    138           }
    139 
    140           if (evt.data == "xhr") {
    141             let xhr = new XMLHttpRequest();
    142             xhr.open("GET", "cookie.sjs?xhr&" + Math.random());
    143             xhr.send();
    144             xhr.onload = _ => e.ports[0].postMessage(42);
    145           }
    146         };
    147         e.ports[0].postMessage(42);
    148       };
    149     }
    150     /* eslint-enable no-undef */
    151 
    152     aResponse.setHeader("Content-Type", "text/javascript", false);
    153     aResponse.write(w.toString() + "; w();");
    154     return;
    155   }
    156 
    157   if (parts.includes("last")) {
    158     let data = getState("data");
    159     setState("data", "");
    160     aResponse.write(data);
    161     return;
    162   }
    163 
    164   aResponse.setStatusLine(aRequest.httpVersion, 400);
    165   aResponse.write("Invalid request");
    166 }