tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

grandparent_session_aboutsrcdoc.sub.window.js (2664B)

      1 // META: script=./resources/testharness.js
      2 // META: script=./resources/testharnessreport.js
      3 
      4 function run_test(cross_origin, sandbox, name) {
      5  promise_test(async test => {
      6    let child_frame = document.createElement('iframe');
      7 
      8    let load_count = 0;
      9    const test_finished = new Promise(resolve => {
     10      window.onmessage = (e) => {
     11        load_count++;
     12        if (load_count == 1) {
     13          // Initial load.
     14          assert_equals(e.data, "about:srcdoc");
     15          // Navigate child to a different page.
     16          child_frame.src = "./resources/child2.html";
     17        } else if (load_count == 2) {
     18          // Make sure we navigated away from the frame with the srcdoc, then
     19          // go back.
     20          assert_equals(e.data, child_frame.src);
     21          history.back();
     22        } else if (load_count == 3) {
     23          // Verify the session restore was able to load the srcdoc.
     24          assert_equals(e.data, "about:srcdoc");
     25          resolve();
     26        }
     27      };
     28    });
     29    let cmd_str = "load grandchild";
     30    if (sandbox) {
     31      cmd_str += " sandbox";
     32    }
     33 
     34    // It would be nice not to have to hardcode the entire relative path for the
     35    // child in the cross-origin case.
     36    let filename = "child_with_static_srcdoc.html";
     37    if (sandbox) {
     38      let filename = "child_with_static_sandbox_srcdoc.html"
     39    }
     40 
     41    const child_relative_path = './resources/' + filename;
     42    if (cross_origin) {
     43      const new_origin = new URL('http://{{hosts[][www]}}:{{ports[http][1]}}');
     44      const child_url_same_site = new URL(child_relative_path, location.href);
     45      child_frame.src = new_origin.origin + child_url_same_site.pathname;
     46    } else {
     47      child_frame.src = child_relative_path;
     48    }
     49 
     50    document.body.appendChild(child_frame);
     51    await test_finished;
     52 
     53    // Cleanup.
     54    document.body.removeChild(child_frame);
     55  }, name);
     56 }
     57 
     58 onload = () => {
     59  // Four tests to make sure the about:srcdoc loads when being restored from
     60  // session history. The srcdoc itself can be either sandboxed or not, and
     61  // the caller of history.back() can be cross-origin or same-origin to the
     62  // oarent of the srcdoc.
     63  run_test(cross_origin = true, sandbox = false,
     64           name = "Grandparent with cross-origin srdoc grandchild session");
     65  run_test(cross_origin = true, sandbox = true,
     66           name = "Grandparent with cross-origin sandboxed srdoc grandchild session");
     67  run_test(cross_origin = false, sandbox = false,
     68           name = "Grandparent with same-origin srdoc grandchild session");
     69  run_test(cross_origin = false, sandbox = true,
     70           name = "Grandparent with same-origin sandboxed srdoc grandchild session");
     71 }