tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

unload.https.sub.html (2372B)

      1 <!DOCTYPE html>
      2 <script src=/resources/testharness.js></script>
      3 <script src=/resources/testharnessreport.js></script>
      4 <script src=/resources/testdriver.js></script>
      5 <script src=/resources/testdriver-vendor.js></script>
      6 <script src=/fetch/metadata/resources/helper.js></script>
      7 <script src=/common/utils.js></script>
      8 <body>
      9 <script>
     10  // The test
     11  // 1. Creates a same-origin iframe
     12  // 2. Adds to the iframe an unload handler that will
     13  //    trigger a request to <unload_request_url>/.../record-header.py...
     14  // 3. Navigate the iframe to a cross-origin url (to data: url)
     15  // 4. Waits until the request goes through
     16  // 5. Verifies Sec-Fetch-Site request header of the request.
     17  //
     18  // This is a regression test for https://crbug.com/986577.
     19  function create_test(unload_request_origin, expectations) {
     20    async_test(t => {
     21      // STEP 1: Create an iframe.
     22      let nonce = token();
     23      let key = "unload-test-" + nonce;
     24      let url = unload_request_origin +
     25          "/fetch/metadata/resources/record-header.py?file=" + key;
     26      let i = document.createElement('iframe');
     27      i.src = 'resources/unload-with-beacon.html';
     28      i.onload = () => {
     29          // STEP 2: Ask the iframe to add an unload handler.
     30          i.contentWindow.postMessage(url, '*');
     31      };
     32      window.addEventListener('message', e => {
     33          // STEP 3: Navigate the iframe away
     34          i.contentWindow.location = 'data:text/html,DONE';
     35      });
     36      document.body.appendChild(i);
     37 
     38      // STEPS 4 and 5: Wait for the beacon to go through and verify
     39      // the request headers.
     40      function wait_and_verify() {
     41          t.step_timeout(() => {
     42              fetch("resources/record-header.py?retrieve=true&file=" + key)
     43                  .then(response => response.text())
     44                  .then(text => t.step(() => {
     45                      if (text == 'No header has been recorded') {
     46                        wait_and_verify();
     47                        return;
     48                      }
     49                      assert_header_equals(text, expectations);
     50                      t.done();
     51                  }))
     52          }, 200);
     53      }
     54      wait_and_verify();
     55    }, "Fetch from an unload handler");
     56  }
     57 
     58  create_test("https://{{host}}:{{ports[https][0]}}", {
     59    "site": "same-origin",
     60    "user": "",
     61    "mode": "no-cors",
     62    "dest": "empty"
     63  });
     64 </script>