tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

request-headers.any.js (5216B)

      1 // META: global=window,worker
      2 // META: script=../resources/utils.js
      3 
      4 function checkContentType(contentType, body)
      5 {
      6    if (self.FormData && body instanceof self.FormData) {
      7        assert_true(contentType.startsWith("multipart/form-data; boundary="), "Request should have header content-type starting with multipart/form-data; boundary=, but got " + contentType);
      8        return;
      9    }
     10 
     11    var expectedContentType = "text/plain;charset=UTF-8";
     12    if(body === null || body instanceof ArrayBuffer || body.buffer instanceof ArrayBuffer)
     13        expectedContentType = null;
     14    else if (body instanceof Blob)
     15        expectedContentType = body.type ? body.type : null;
     16    else if (body instanceof URLSearchParams)
     17        expectedContentType = "application/x-www-form-urlencoded;charset=UTF-8";
     18 
     19    assert_equals(contentType , expectedContentType, "Request should have header content-type: " + expectedContentType);
     20 }
     21 
     22 function requestHeaders(desc, url, method, body, expectedOrigin, expectedContentLength) {
     23  var urlParameters = "?headers=origin|user-agent|accept-charset|content-length|content-type";
     24  var requestInit = {"method": method}
     25  promise_test(function(test){
     26    if (typeof body === "function")
     27      body = body();
     28    if (body)
     29      requestInit["body"] = body;
     30    return fetch(url + urlParameters, requestInit).then(function(resp) {
     31      assert_equals(resp.status, 200, "HTTP status is 200");
     32      assert_equals(resp.type , "basic", "Response's type is basic");
     33      assert_true(resp.headers.has("x-request-user-agent"), "Request has header user-agent");
     34      assert_false(resp.headers.has("accept-charset"), "Request has header accept-charset");
     35      assert_equals(resp.headers.get("x-request-origin") , expectedOrigin, "Request should have header origin: " + expectedOrigin);
     36      if (expectedContentLength !== undefined)
     37        assert_equals(resp.headers.get("x-request-content-length") , expectedContentLength, "Request should have header content-length: " + expectedContentLength);
     38      checkContentType(resp.headers.get("x-request-content-type"), body);
     39    });
     40  }, desc);
     41 }
     42 
     43 var url = RESOURCES_DIR + "inspect-headers.py"
     44 
     45 requestHeaders("Fetch with GET", url, "GET", null, null, null);
     46 requestHeaders("Fetch with HEAD", url, "HEAD", null, null, null);
     47 requestHeaders("Fetch with PUT without body", url, "POST", null, location.origin, "0");
     48 requestHeaders("Fetch with PUT with body", url, "PUT", "Request's body", location.origin, "14");
     49 requestHeaders("Fetch with POST without body", url, "POST", null, location.origin, "0");
     50 requestHeaders("Fetch with POST with text body", url, "POST", "Request's body", location.origin, "14");
     51 requestHeaders("Fetch with POST with FormData body", url, "POST", function() { return new FormData(); }, location.origin);
     52 requestHeaders("Fetch with POST with URLSearchParams body", url, "POST", function() { return new URLSearchParams("name=value"); }, location.origin, "10");
     53 requestHeaders("Fetch with POST with Blob body", url, "POST", new Blob(["Test"]), location.origin, "4");
     54 requestHeaders("Fetch with POST with ArrayBuffer body", url, "POST", new ArrayBuffer(4), location.origin, "4");
     55 requestHeaders("Fetch with POST with Uint8Array body", url, "POST", new Uint8Array(4), location.origin, "4");
     56 requestHeaders("Fetch with POST with Int8Array body", url, "POST", new Int8Array(4), location.origin, "4");
     57 requestHeaders("Fetch with POST with Float16Array body", url, "POST", () => new Float16Array(1), location.origin, "2");
     58 requestHeaders("Fetch with POST with Float32Array body", url, "POST", new Float32Array(1), location.origin, "4");
     59 requestHeaders("Fetch with POST with Float64Array body", url, "POST", new Float64Array(1), location.origin, "8");
     60 requestHeaders("Fetch with POST with DataView body", url, "POST", new DataView(new ArrayBuffer(8), 0, 4), location.origin, "4");
     61 requestHeaders("Fetch with POST with Blob body with mime type", url, "POST", new Blob(["Test"], { type: "text/maybe" }), location.origin, "4");
     62 requestHeaders("Fetch with Chicken", url, "Chicken", null, location.origin, null);
     63 requestHeaders("Fetch with Chicken with body", url, "Chicken", "Request's body", location.origin, "14");
     64 
     65 function requestOriginHeader(method, mode, needsOrigin) {
     66  promise_test(function(test){
     67    return fetch(url + "?headers=origin", {method:method, mode:mode}).then(function(resp) {
     68      assert_equals(resp.status, 200, "HTTP status is 200");
     69      assert_equals(resp.type , "basic", "Response's type is basic");
     70      if(needsOrigin)
     71        assert_equals(resp.headers.get("x-request-origin") , location.origin, "Request should have an Origin header with origin: " + location.origin);
     72      else
     73        assert_equals(resp.headers.get("x-request-origin"), null, "Request should not have an Origin header")
     74    });
     75  }, "Fetch with " + method + " and mode \"" + mode + "\" " + (needsOrigin ? "needs" : "does not need") + " an Origin header");
     76 }
     77 
     78 requestOriginHeader("GET", "cors", false);
     79 requestOriginHeader("POST", "same-origin", true);
     80 requestOriginHeader("POST", "no-cors", true);
     81 requestOriginHeader("PUT", "same-origin", true);
     82 requestOriginHeader("TacO", "same-origin", true);
     83 requestOriginHeader("TacO", "cors", true);