tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

fence-report-event-cross-origin-nested.https.html (2482B)

      1 <!DOCTYPE html>
      2 <title>Test window.fence.reportEvent from nested cross-origin subframes.</title>
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script src="/common/utils.js"></script>
      6 <script src="/common/dispatcher/dispatcher.js"></script>
      7 <script src="/common/get-host-info.sub.js"></script>
      8 <script src="resources/automatic-beacon-helper.js"></script>
      9 <script src="resources/utils.js"></script>
     10 
     11 <body>
     12 <script>
     13 promise_test(async(t) => {
     14  // This test creates the following frame setup:
     15  // ┌(test)──────────────────────┐
     16  // │┌(a.com)───[fencedframe]───┐│
     17  // ││┌(b.com)──[iframe]───────┐││
     18  // │││┌(b.com)─[iframe]──────┐│││
     19  // ││││reportEvent();        ││││
     20  // │││└──────────────────────┘│││
     21  // ││└────────────────────────┘││
     22  // │└──────────────────────────┘│
     23  // └────────────────────────────┘
     24  const fencedframe = await attachFencedFrameContext({
     25    generator_api: 'fledge',
     26    headers: [[
     27      'Allow-Cross-Origin-Event-Reporting', '?1'
     28    ]],
     29    register_beacon: true
     30  });
     31  await fencedframe.execute(async () => {
     32    const iframe = await attachIFrameContext({
     33      origin: get_host_info().HTTPS_REMOTE_ORIGIN,
     34    });
     35    await iframe.execute(async () => {
     36      const nested_iframe = await attachIFrameContext({
     37        origin: get_host_info().HTTPS_REMOTE_ORIGIN,
     38      });
     39      await nested_iframe.execute(() => {
     40        const destination_url = new URL(BEACON_URL + "?type=url",
     41            get_host_info().HTTPS_ORIGIN);
     42        window.fence.reportEvent({
     43          eventType: "click",
     44          eventData: "enum",
     45          destination: ["buyer"],
     46          crossOriginExposed: true
     47        });
     48        window.fence.reportEvent({
     49          destinationURL: destination_url,
     50          crossOriginExposed: true
     51        });
     52      });
     53    });
     54  });
     55  // Check that both the destination enum and destination URL events were
     56  // reported.
     57  await nextBeacon("click", "enum");
     58  await nextBeacon("url", "<No data>");
     59 }, 'window.fence.reportEvent from a nested cross-origin subframe');
     60 </script>
     61 </body>