tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git

iframe-all-local-schemes-inherit-self.sub.html (3068B)


      1 <!DOCTYPE html>
      2 <script src="/resources/testharness.js"></script>
      3 <script src="/resources/testharnessreport.js"></script>
      4 
      5 <meta http-equiv="Content-Security-Policy" content="img-src 'self'">
      6 
      7 <body>
      8 
      9 <script>
 /**
  * Finishes `test` when `frame` posts a message to this window.
  *
  * Despite the name, the only payload accepted is "load": a frame that
  * reports "error" (its image was blocked or failed) fails the assertion.
  *
  * @param frame the <iframe> element whose message is awaited
  * @param test  the testharness async test to step and complete
  */
 function wait_for_error_from_frame(frame, test) {
   const on_message = test.step_func(event => {
     // Every test on this page listens on the same window, so the sender is
     // matched by its window object. NOTE(review): presumably e.origin is not
     // used because opaque-origin frames (data:, sandbox) report "null" - confirm.
     if (event.source == frame.contentWindow) {
       assert_equals(event.data, "load");
       frame.remove();
       test.done();
     }
   });
   window.addEventListener('message', on_message);
 }
     19 
 // about:blank case. The page's only CSP directive is `img-src 'self'`, and the
 // image URL is built from {{location[server]}}, i.e. the test page's own origin.
 // The parent script inserts the <img> into the empty frame's document itself,
 // so the outcome is read from load/error handlers here, not via postMessage.
 async_test(test => {
   const frame = document.createElement('iframe');
   document.body.appendChild(frame);

   const image = document.createElement('img');
   // A blocked image fires "error", which must never happen in this test.
   image.onerror = test.unreached_func();
   image.onload = test.step_func_done(() => frame.remove());
   frame.contentDocument.body.appendChild(image);
   image.src = "{{location[server]}}/images/red-16x16.png";
 }, "<iframe>'s about:blank inherits policy.");
     30 
 // srcdoc case. The framed markup loads an image from the test page's own
 // origin and reports the outcome to the top window. The page policy has no
 // script-src directive, so the inline onload/onerror handlers are not
 // restricted by it. The "*" target origin is tolerable only because the
 // payload is a fixed, non-sensitive string.
 async_test(test => {
   const markup = `
     <img src='{{location[server]}}/images/red-16x16.png'
       onload='window.top.postMessage("load", "*");'
       onerror='window.top.postMessage("error", "*");'
     >
   `;
   const frame = document.createElement('iframe');
   frame.srcdoc = markup;

   // Listen before attaching: the frame only starts loading once it is in the DOM.
   wait_for_error_from_frame(frame, test);

   document.body.appendChild(frame);
 }, "<iframe srcdoc>'s inherits policy.");
     44 
 // blob: case. The document is served from a blob: URL minted by this page;
 // it requests an image from the test page's own origin and posts "load" or
 // "error" to the top window. "load" is the expected result under the
 // page's `img-src 'self'` policy.
 async_test(test => {
   const markup = `
       <img src='{{location[server]}}/images/red-16x16.png'
         onload='window.top.postMessage("load", "*");'
         onerror='window.top.postMessage("error", "*");'
       >
     `;
   const blob = new Blob([markup], {type:"text/html"});
   const frame = document.createElement('iframe');
   frame.src = URL.createObjectURL(blob);

   // Listen before attaching so the frame's message cannot be missed.
   wait_for_error_from_frame(frame, test);

   document.body.appendChild(frame);
 }, "<iframe src='blob:...'>'s inherits policy.");
     60 
 // data: case. A data: URL document gets an opaque origin, so it is
 // cross-origin to the test page; the test still expects "load", meaning
 // 'self' in the inherited `img-src 'self'` policy is matched against the
 // embedding page's origin rather than the frame's own opaque one.
 async_test(test => {
   const url = `data:text/html,<img src='{{location[server]}}/images/red-16x16.png'
     onload='window.top.postMessage("load", "*");'
     onerror='window.top.postMessage("error", "*");'
   >`;
   const frame = document.createElement('iframe');
   frame.src = url;

   // Listen before attaching so the frame's message cannot be missed.
   wait_for_error_from_frame(frame, test);

   document.body.appendChild(frame);
 }, "<iframe src='data:...'>'s inherits policy.");
     72 
 // javascript: case. The URL's script is a single string literal of markup;
 // the doubled backslashes in the template literal leave \" in the URL so the
 // quotes survive inside that string literal. The framed image is again
 // same-origin with the test page and "load" is the expected report.
 async_test(test => {
   const url = `javascript:"<img src='{{location[server]}}/images/red-16x16.png'
     onload='window.top.postMessage(\\"load\\", \\"*\\");'
     onerror='window.top.postMessage(\\"error\\", \\"*\\");'
   >"`;
   const frame = document.createElement('iframe');
   frame.src = url;

   // Listen before attaching so the frame's message cannot be missed.
   wait_for_error_from_frame(frame, test);

   document.body.appendChild(frame);
 }, "<iframe src='javascript:...'>'s inherits policy.");
     84 
 // Sandboxed blob: case. The sandbox grants allow-scripts only (no
 // allow-same-origin), so the inline handlers run but the document has an
 // opaque origin. The test expects "load": 'self' in the inherited
 // `img-src 'self'` policy must still match the embedding page's origin.
 async_test(test => {
   const markup = `
       <img src='{{location[server]}}/images/red-16x16.png'
         onload='window.top.postMessage("load", "*");'
         onerror='window.top.postMessage("error", "*");'
       >
     `;
   const blob = new Blob([markup], {type:"text/html"});
   const frame = document.createElement('iframe');
   frame.src = URL.createObjectURL(blob);
   frame.sandbox = 'allow-scripts';

   // Listen before attaching so the frame's message cannot be missed.
   wait_for_error_from_frame(frame, test);

   document.body.appendChild(frame);
 }, "<iframe sandbox src='blob:...'>'s inherits policy. (opaque origin sandbox)");
    101 
    102 </script>