[ tor-browser ].git.dasho

fetch.sub.html (7394B)
      1 <!DOCTYPE html>
      2 <!--
      3 This test was procedurally generated. Please do not modify it directly.
      4 Sources:
      5 - fetch/metadata/tools/fetch-metadata.conf.yml
      6 - fetch/metadata/tools/templates/fetch.sub.html
      7 -->
      8 <html lang="en">
      9  <meta charset="utf-8">
     10  <title>HTTP headers on request using the "fetch" API</title>
     11  <script src="/resources/testharness.js"></script>
     12  <script src="/resources/testharnessreport.js"></script>
     13  <script src="/fetch/metadata/resources/helper.sub.js"></script>
     14  <body>
     15  <script>
     16  'use strict';
     17 
     18  function induceRequest(url, init) {
     19    return fetch(url, init);
     20  }
     21 
     22  promise_test(() => {
     23    const key = '{{uuid()}}';
     24 
     25    return induceRequest(
     26        makeRequestURL(key, ['httpOrigin']),
     27        {}
     28      )
     29      .then(() => retrieve(key))
     30      .then((headers) => {
     31          assert_not_own_property(headers, 'sec-fetch-site');
     32        });
     33  }, 'sec-fetch-site - Not sent to non-trustworthy same-origin destination, no init');
     34 
     35  promise_test(() => {
     36    const key = '{{uuid()}}';
     37 
     38    return induceRequest(
     39        makeRequestURL(key, ['httpSameSite']),
     40        {}
     41      )
     42      .then(() => retrieve(key))
     43      .then((headers) => {
     44          assert_not_own_property(headers, 'sec-fetch-site');
     45        });
     46  }, 'sec-fetch-site - Not sent to non-trustworthy same-site destination, no init');
     47 
     48  promise_test(() => {
     49    const key = '{{uuid()}}';
     50 
     51    return induceRequest(
     52        makeRequestURL(key, ['httpCrossSite']),
     53        {}
     54      )
     55      .then(() => retrieve(key))
     56      .then((headers) => {
     57          assert_not_own_property(headers, 'sec-fetch-site');
     58        });
     59  }, 'sec-fetch-site - Not sent to non-trustworthy cross-site destination, no init');
     60 
     61  promise_test(() => {
     62    const key = '{{uuid()}}';
     63 
     64    return induceRequest(
     65        makeRequestURL(key, ['httpOrigin']),
     66        {}
     67      )
     68      .then(() => retrieve(key))
     69      .then((headers) => {
     70          assert_not_own_property(headers, 'sec-fetch-mode');
     71        });
     72  }, 'sec-fetch-mode - Not sent to non-trustworthy same-origin destination, no init');
     73 
     74  promise_test(() => {
     75    const key = '{{uuid()}}';
     76 
     77    return induceRequest(
     78        makeRequestURL(key, ['httpSameSite']),
     79        {}
     80      )
     81      .then(() => retrieve(key))
     82      .then((headers) => {
     83          assert_not_own_property(headers, 'sec-fetch-mode');
     84        });
     85  }, 'sec-fetch-mode - Not sent to non-trustworthy same-site destination, no init');
     86 
     87  promise_test(() => {
     88    const key = '{{uuid()}}';
     89 
     90    return induceRequest(
     91        makeRequestURL(key, ['httpCrossSite']),
     92        {}
     93      )
     94      .then(() => retrieve(key))
     95      .then((headers) => {
     96          assert_not_own_property(headers, 'sec-fetch-mode');
     97        });
     98  }, 'sec-fetch-mode - Not sent to non-trustworthy cross-site destination, no init');
     99 
    100  promise_test(() => {
    101    const key = '{{uuid()}}';
    102 
    103    return induceRequest(
    104        makeRequestURL(key, ['httpOrigin']),
    105        {}
    106      )
    107      .then(() => retrieve(key))
    108      .then((headers) => {
    109          assert_not_own_property(headers, 'sec-fetch-dest');
    110        });
    111  }, 'sec-fetch-dest - Not sent to non-trustworthy same-origin destination, no init');
    112 
    113  promise_test(() => {
    114    const key = '{{uuid()}}';
    115 
    116    return induceRequest(
    117        makeRequestURL(key, ['httpSameSite']),
    118        {}
    119      )
    120      .then(() => retrieve(key))
    121      .then((headers) => {
    122          assert_not_own_property(headers, 'sec-fetch-dest');
    123        });
    124  }, 'sec-fetch-dest - Not sent to non-trustworthy same-site destination, no init');
    125 
    126  promise_test(() => {
    127    const key = '{{uuid()}}';
    128 
    129    return induceRequest(
    130        makeRequestURL(key, ['httpCrossSite']),
    131        {}
    132      )
    133      .then(() => retrieve(key))
    134      .then((headers) => {
    135          assert_not_own_property(headers, 'sec-fetch-dest');
    136        });
    137  }, 'sec-fetch-dest - Not sent to non-trustworthy cross-site destination, no init');
    138 
    139  promise_test(() => {
    140    const key = '{{uuid()}}';
    141 
    142    return induceRequest(
    143        makeRequestURL(key, ['httpOrigin']),
    144        {}
    145      )
    146      .then(() => retrieve(key))
    147      .then((headers) => {
    148          assert_not_own_property(headers, 'sec-fetch-user');
    149        });
    150  }, 'sec-fetch-user - Not sent to non-trustworthy same-origin destination, no init');
    151 
    152  promise_test(() => {
    153    const key = '{{uuid()}}';
    154 
    155    return induceRequest(
    156        makeRequestURL(key, ['httpSameSite']),
    157        {}
    158      )
    159      .then(() => retrieve(key))
    160      .then((headers) => {
    161          assert_not_own_property(headers, 'sec-fetch-user');
    162        });
    163  }, 'sec-fetch-user - Not sent to non-trustworthy same-site destination, no init');
    164 
    165  promise_test(() => {
    166    const key = '{{uuid()}}';
    167 
    168    return induceRequest(
    169        makeRequestURL(key, ['httpCrossSite']),
    170        {}
    171      )
    172      .then(() => retrieve(key))
    173      .then((headers) => {
    174          assert_not_own_property(headers, 'sec-fetch-user');
    175        });
    176  }, 'sec-fetch-user - Not sent to non-trustworthy cross-site destination, no init');
    177 
    178  promise_test(() => {
    179    const key = '{{uuid()}}';
    180 
    181    return induceRequest(
    182        makeRequestURL(key, ['httpOrigin']),
    183        {}
    184      )
    185      .then(() => retrieve(key))
    186      .then((headers) => {
    187          assert_not_own_property(headers, 'sec-fetch-storage-access');
    188        });
    189  }, 'sec-fetch-storage-access - Not sent to non-trustworthy same-origin destination, no init');
    190 
    191  promise_test(() => {
    192    const key = '{{uuid()}}';
    193 
    194    return induceRequest(
    195        makeRequestURL(key, ['httpSameSite']),
    196        {}
    197      )
    198      .then(() => retrieve(key))
    199      .then((headers) => {
    200          assert_not_own_property(headers, 'sec-fetch-storage-access');
    201        });
    202  }, 'sec-fetch-storage-access - Not sent to non-trustworthy same-site destination, no init');
    203 
    204  promise_test(() => {
    205    const key = '{{uuid()}}';
    206 
    207    return induceRequest(
    208        makeRequestURL(key, ['httpCrossSite']),
    209        {}
    210      )
    211      .then(() => retrieve(key))
    212      .then((headers) => {
    213          assert_not_own_property(headers, 'sec-fetch-storage-access');
    214        });
    215  }, 'sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination, no init');
    216 
    217  promise_test(() => {
    218    const key = '{{uuid()}}';
    219 
    220    return induceRequest(
    221        makeRequestURL(key, ['httpsOrigin', 'httpOrigin']),
    222        {}
    223      )
    224      .then(() => retrieve(key))
    225      .then((headers) => {
    226          assert_not_own_property(headers, 'sec-fetch-site');
    227        });
    228  }, 'sec-fetch-site - HTTPS downgrade (header not sent), no init');
    229 
    230  promise_test(() => {
    231    const key = '{{uuid()}}';
    232 
    233    return induceRequest(
    234        makeRequestURL(key, ['httpOrigin', 'httpsOrigin']),
    235        {}
    236      )
    237      .then(() => retrieve(key))
    238      .then((headers) => {
    239          assert_own_property(headers, 'sec-fetch-site');
    240          assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
    241        });
    242  }, 'sec-fetch-site - HTTPS upgrade, no init');
    243 
    244  promise_test(() => {
    245    const key = '{{uuid()}}';
    246 
    247    return induceRequest(
    248        makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']),
    249        {}
    250      )
    251      .then(() => retrieve(key))
    252      .then((headers) => {
    253          assert_own_property(headers, 'sec-fetch-site');
    254          assert_array_equals(headers['sec-fetch-site'], ['cross-site']);
    255        });
    256  }, 'sec-fetch-site - HTTPS downgrade-upgrade, no init');
    257  </script>
    258  </body>
    259 </html>
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE