tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

header-referrer.js (2153B)

      1 var RESOURCES_DIR = "/beacon/resources/";
      2 
      3 var referrerOrigin = self.location.origin + '/';
      4 var referrerUrl = self.location.href;
      5 
      6 function testReferrerHeader(testBase, expectedReferrer, mayBeBlockedAsMixedContent = false) {
      7  var id = self.token();
      8  var testUrl = testBase + "inspect-header.py?header=referer&cmd=put&id=" + id;
      9 
     10  promise_test(function(test) {
     11    const sentBeacon = navigator.sendBeacon(testUrl);
     12    if (mayBeBlockedAsMixedContent && !sentBeacon)
     13      return Promise.resolve();
     14    assert_true(sentBeacon, "SendBeacon Succeeded");
     15    return pollResult(expectedReferrer, id) .then(result => {
     16      assert_equals(result, expectedReferrer, "Correct referrer header result");
     17    });
     18  }, "Test referer header " + testBase);
     19 }
     20 
     21 function testOriginHeader(testBase, expectedOrigin, addBody) {
     22  var id = self.token();
     23  var testUrl = testBase + "inspect-header.py?header=origin&cmd=put&id=" + id;
     24 
     25  promise_test(function(test) {
     26    const sentBeacon = navigator.sendBeacon(testUrl, addBody ? "data" : undefined);
     27    assert_true(sentBeacon, "SendBeacon Succeeded");
     28    return pollResult(expectedOrigin, id, "origin") .then(result => {
     29      assert_equals(result, expectedOrigin, "Correct origin header result");
     30    });
     31  }, "Test origin header " + testBase + (addBody ? " - with body" : " - without body"));
     32 }
     33 
     34 // SendBeacon is an asynchronous and non-blocking request to a web server.
     35 // We may have to create a poll loop to get result from server
     36 function pollResult(expectedReferrer, id, headerName) {
     37  if (!headerName)
     38    headerName = "referer";
     39  var checkUrl = RESOURCES_DIR + "inspect-header.py?header=" + headerName + "&cmd=get&id=" + id;
     40 
     41  return new Promise(resolve => {
     42    function checkResult() {
     43      fetch(checkUrl).then(
     44        function(response) {
     45          assert_equals(response.status, 200, "Inspect header response's status is 200");
     46          let result = response.headers.get("x-request-" + headerName);
     47 
     48          if (result != undefined) {
     49            resolve(result);
     50          } else {
     51            step_timeout(checkResult.bind(this), 100);
     52          }
     53        });
     54    }
     55 
     56    checkResult();
     57  });
     58 
     59 }