tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

getGPC.py (4306B)

      1 import base64
      2 
      3 def maybeBoolToJavascriptLiteral(value):
      4  if value == None:
      5    return "undefined"
      6  if value == True:
      7    return "true"
      8  if value == False:
      9    return "false"
     10  raise ValueError("Expected bool or None")
     11 
     12 def main(request, response):
     13  destination = request.headers.get("sec-fetch-dest").decode("utf-8")
     14  gpcValue = request.headers.get("sec-gpc") == b'1'
     15  expectedGPCValue = request.GET.get(b"gpc") == b"true"
     16  inFrame = request.GET.get(b"framed") != None
     17  destinationDescription = "framed " + destination if inFrame else destination
     18  if destination == "document" or destination == "iframe":
     19    response.headers.set('Content-Type', 'text/html');
     20    return f"""
     21 <!DOCTYPE html>
     22 <html>
     23 <title>Sec-GPC {destination}</title>
     24 <head>
     25  <script src="/resources/testharness.js"></script>
     26 </head>
     27 <body>
     28  <div id="log"></div>
     29  <img id="imageTest">
     30  <script>
     31    test(function(t) {{
     32      assert_equals({maybeBoolToJavascriptLiteral(gpcValue)}, {maybeBoolToJavascriptLiteral(expectedGPCValue)}, "Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch");
     33    }}, `Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch`);
     34    promise_test(function(t) {{
     35      const image = document.getElementById("imageTest");
     36      const testResult = new Promise((resolve, reject) => {{
     37        image.addEventListener('load', resolve);
     38        image.addEventListener('error', reject);
     39      }});
     40      image.src = "getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}";
     41      return testResult;
     42    }}, `Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {"framed " if destination == "iframe" or inFrame else ""}image fetch`);
     43  </script>
     44 """ + (f"""
     45  <script>
     46    const iframe = document.createElement("iframe");
     47    iframe.src = "getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}";
     48    document.body.appendChild(iframe);
     49    async function run() {{
     50      await Promise.all([
     51        fetch_tests_from_window(iframe.contentWindow),
     52        fetch_tests_from_worker(new Worker("getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}")),
     53        fetch_tests_from_worker(new SharedWorker("getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}")),
     54      ]);
     55      let r = await navigator.serviceWorker.register(
     56        "getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}",
     57        {{scope: "./blank.html"}});
     58      let sw = r.active || r.installing || r.waiting;
     59      await fetch_tests_from_worker(sw);
     60      await r.unregister();
     61    }}
     62    run();
     63  </script>
     64  """ if destination == "document" else "") + f"""
     65  <script src="getGPC.py?gpc={maybeBoolToJavascriptLiteral(expectedGPCValue)}{"&framed" if destination == "iframe" or inFrame else ""}"></script>
     66 </body>
     67 </html>
     68 """
     69  elif destination == "image":
     70    if gpcValue == expectedGPCValue:
     71      return (200, [(b"Content-Type", b"image/png")], base64.b64decode("iVBORw0KGgoAAAANSUhEUgAAAAIAAAACCAYAAABytg0kAAAAEUlEQVR42mP8nzaTAQQYYQwALssD/5ca+r8AAAAASUVORK5CYII="))
     72    return (400, [], "")
     73  elif destination == "script":
     74    response.headers.set('Content-Type', 'application/javascript');
     75    return f"""
     76 debugger;
     77 test(function(t) {{
     78  assert_equals({maybeBoolToJavascriptLiteral(gpcValue)}, {maybeBoolToJavascriptLiteral(expectedGPCValue)}, "Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch");
     79 }}, `Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch`);
     80 """
     81  elif destination == "worker" or destination == "sharedworker" or destination == "serviceworker":
     82    response.headers.set('Content-Type', 'application/javascript');
     83    return f"""
     84 importScripts("/resources/testharness.js");
     85 test(function(t) {{
     86  assert_equals({maybeBoolToJavascriptLiteral(gpcValue)}, {maybeBoolToJavascriptLiteral(expectedGPCValue)}, "Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch");
     87 }}, `Expected Sec-GPC value ({maybeBoolToJavascriptLiteral(expectedGPCValue)}) is on the {destinationDescription} fetch`);
     88 done();
     89 """
     90  raise ValueError("Unexpected destination")