tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

unique-origin.js (2613B)

      1 function runTest(config) {
      2    // When the sandbox attribute is present on an iframe, it will
      3    // treat the content as being from a unique origin. So try to
      4    // call createMediaKeys() inside an iframe and it should fail.
      5 
      6    function load_iframe(src, sandbox) {
      7        return new Promise(function (resolve) {
      8            var iframe = document.createElement('iframe');
      9            iframe.onload = function () {
     10                resolve(iframe);
     11            };
     12            iframe.sandbox = sandbox;
     13            iframe.srcdoc = src;
     14            document.documentElement.appendChild(iframe);
     15        });
     16    }
     17 
     18    function wait_for_message() {
     19        return new Promise(function (resolve) {
     20            self.addEventListener('message', function listener(e) {
     21                resolve(e.data);
     22                self.removeEventListener('message', listener);
     23            });
     24        });
     25    }
     26 
     27    promise_test(function (test) {
     28        var script =
     29          '<script>' +
     30          '    window.onmessage = function(e) {' +
     31          '        navigator.requestMediaKeySystemAccess("' + config.keysystem + '", [{' +
     32          '           initDataTypes: [\"' + config.initDataType + '\"],' +
     33          '           audioCapabilities: [' +
     34          '               { contentType:\'' + config.audioType + '\'},' +
     35          '           ]' +
     36          '       }]).then(function(access) {' +
     37          '            return access.createMediaKeys();' +
     38          '        }).then(function(mediaKeys) {' +
     39          '            window.parent.postMessage({result: \'allowed\'}, \'*\');' +
     40          '        }, function(error) {' +
     41          '            window.parent.postMessage({result: \'failed\'}, \'*\');' +
     42          '        });' +
     43          '    };' +
     44          '<\/script>';
     45 
     46        // Verify that this page can create a MediaKeys first.
     47        return navigator.requestMediaKeySystemAccess(config.keysystem, [{
     48            initDataTypes: [config.initDataType],
     49            audioCapabilities: [
     50                {contentType: config.audioType},
     51            ]
     52        }]).then(function (access) {
     53            return access.createMediaKeys();
     54        }).then(function (mediaKeys) {
     55            // Success, so now create the iframe and try there.
     56            return load_iframe(script, 'allow-scripts allow-secure-context');
     57        }).then(function (iframe) {
     58            iframe.contentWindow.postMessage({}, '*');
     59            return wait_for_message();
     60        }).then(function (message) {
     61            assert_equals(message.result, 'failed');
     62        });
     63    }, 'Unique origin is unable to create MediaKeys');
     64 }