tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

feature-policy.sub.https.html (4447B)

      1 <html>
      2 <body>
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script src="/common/get-host-info.sub.js"></script>
      6 <script>
      7 
      8 // If the response for the HTML file contains "Accept-CH" in the response
      9 // headers, then the browser should attach the specified client hints in the
     10 // HTTP request headers depending on whether the resource is being fetched from
     11 // the same origin or a different origin. Test this functionality by fetching
     12 // same-origin and cross-origin resources from this page. The response headers
     13 // for this page include "Accept-CH: device-memory, dpr, viewport-width, rtt, downlink, ect".
     14 //
     15 // resources/echo-client-hints-received.py sets the response headers depending on the set
     16 // of client hints it receives in the request headers.
     17 
     18 promise_test(t => {
     19  return fetch(get_host_info()["HTTPS_ORIGIN"] + "/client-hints/resources/echo-client-hints-received.py").then(r => {
     20    assert_equals(r.status, 200)
     21    // Verify that the browser includes client hints in the headers for a
     22    // same-origin fetch which not specifically excluded via Feature-Policy.
     23    assert_true(r.headers.has("device-memory-received"), "device-memory-received");
     24    assert_true(r.headers.has("device-memory-deprecated-received"), "device-memory-deprecated-received");
     25    assert_false(r.headers.has("dpr-received"), "dpr-received");
     26    assert_false(r.headers.has("dpr-deprecated-received"), "dpr-deprecated-received");
     27    assert_true(r.headers.has("viewport-width-received"), "viewport-width-received");
     28    assert_true(r.headers.has("viewport-width-deprecated-received"), "viewport-width-deprecated-received");
     29 
     30    assert_true(r.headers.has("rtt-received"), "rtt-received");
     31    var rtt = parseInt(r.headers.get("rtt-received"));
     32    assert_greater_than_equal(rtt, 0);
     33    assert_less_than_equal(rtt, 3000);
     34    assert_equals(rtt % 50, 0, 'rtt must be a multiple of 50 msec');
     35 
     36    assert_true(r.headers.has("downlink-received"), "downlink-received");
     37    var downlinkKbps  = r.headers.get("downlink-received") * 1000;
     38    assert_greater_than_equal(downlinkKbps, 0);
     39    assert_less_than_equal(downlinkKbps, 10000);
     40 
     41    assert_in_array(r.headers.get("ect-received"), ["slow-2g", "2g",
     42          "3g", "4g"], 'ect-received is unexpected');
     43 
     44    assert_true(r.headers.has("mobile-received"));
     45    assert_in_array(r.headers.get("mobile-received"), ["?0", "?1"], 'mobile is unexpected');
     46    assert_false(r.headers.has("prefers-color-scheme-received"), "prefers-color-scheme-received");
     47    assert_false(r.headers.has("prefers-reduced-motion-received"), "prefers-reduced-motion-received");
     48    assert_false(r.headers.has("prefers-reduced-transparency-received"), "prefers-reduced-transparency-received");
     49    assert_false(r.headers.has("viewport-height-received"), "viewport-height-received");
     50  });
     51 }, "Accept-CH header test");
     52 
     53 promise_test(t => {
     54  return fetch(get_host_info()["HTTPS_REMOTE_ORIGIN"] + "/client-hints/resources/echo-client-hints-received.py").then(r => {
     55    assert_equals(r.status, 200)
     56    // Verify that the browser includes client hints in the headers for a
     57    // cross-origin fetch which are specifically requested via Feature-Policy.
     58    assert_true(r.headers.has("device-memory-received"), "device-memory-received");
     59    assert_true(r.headers.has("device-memory-deprecated-received"), "device-memory-deprecated-received");
     60    assert_false(r.headers.has("dpr-received"), "dpr-received");
     61    assert_false(r.headers.has("dpr-deprecated-received"), "dpr-deprecated-received");
     62    assert_false(r.headers.has("viewport-width-received"), "viewport-width-received");
     63    assert_false(r.headers.has("viewport-width-deprecated-received"), "viewport-width-deprecated-received");
     64    assert_false(r.headers.has("rtt-received"), "rtt-received");
     65    assert_false(r.headers.has("downlink-received"), "downlink-received");
     66    assert_false(r.headers.has("ect-received"), "ect-received");
     67    assert_false(r.headers.has("prefers-color-scheme-received"), "prefers-color-scheme-received");
     68    assert_false(r.headers.has("prefers-reduced-motion-received"), "prefers-reduced-motion-received");
     69    assert_false(r.headers.has("prefers-reduced-transparency-received"), "prefers-reduced-transparency-received");
     70    assert_false(r.headers.has("viewport-height-received"), "viewport-height-received");
     71  });
     72 }, "Cross-Origin Accept-CH header test");
     73 
     74 
     75 
     76 </script>
     77 
     78 </body>
     79 </html>