tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

automatic-beacon-data-cross-origin-subframe.https.html (2077B)

      1 <!DOCTYPE html>
      2 <title>Test window.fence.setReportEventDataForAutomaticBeacons</title>
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script src="/common/utils.js"></script>
      6 <script src="/common/dispatcher/dispatcher.js"></script>
      7 <script src="resources/utils.js"></script>
      8 <script src="/resources/testdriver.js"></script>
      9 <script src="/resources/testdriver-actions.js"></script>
     10 <script src="/resources/testdriver-vendor.js"></script>
     11 <script src="/common/get-host-info.sub.js"></script>
     12 <script src="resources/automatic-beacon-helper.js"></script>
     13 
     14 <body>
     15 <script>
     16 promise_test(async(t) => {
     17  const fencedframe = await attachFencedFrameContext({
     18    generator_api: 'fledge', register_beacon: true
     19  });
     20 
     21  const beacon = {
     22    eventType: "reserved.top_navigation_start",
     23    eventData: "This is the start data",
     24    destination: ["buyer"],
     25    crossOriginExposed: true
     26  }
     27 
     28  await fencedframe.execute(async (beacon) => {
     29    const iframe = await attachIFrameContext({
     30      origin: get_host_info().HTTPS_REMOTE_ORIGIN,
     31      headers: [['Allow-Fenced-Frame-Automatic-Beacons', 'true']]
     32    });
     33    await setupAutomaticBeacon(iframe, [beacon],
     34        "resources/close.html", NavigationTrigger.ClickOnce,
     35        "_blank");
     36    return iframe.execute(() => {
     37      // Test that automatic beacon data is set correctly in the subframe. Data
     38      // that is not cross-origin exposed should not be able to be set in a
     39      // cross-origin subframe, even if the same frame that sets the data
     40      // triggers the report.
     41      window.fence.setReportEventDataForAutomaticBeacons({
     42        eventType: "reserved.top_navigation_start",
     43        eventData: "This should not be the data",
     44        destination: ["buyer"],
     45        crossOriginExposed: false
     46      });
     47    });
     48  }, [beacon]);
     49 
     50  await multiClick(10, 10, fencedframe.element)
     51 
     52  await verifyBeaconData(beacon.eventType, beacon.eventData,
     53      get_host_info().HTTPS_REMOTE_ORIGIN);
     54 }, 'A cross origin subframe can set automatic beacon data.');
     55 
     56 </script>
     57 </body>