[ tor-browser ].git.dasho

worker-inheritance.sub.https.html (2442B)
      1 <!DOCTYPE html>
      2 <title>Test that local scheme workers inherit COEP: require-corp from the creating document</title>
      3 <script src="/resources/testharness.js"></script>
      4 <script src="/resources/testharnessreport.js"></script>
      5 <script>
      6  promise_test(async t => {
      7    let sameOrigin = "{{location[server]}}";
      8    let crossOrigin = "https://{{hosts[][www]}}:{{ports[https][1]}}";
      9 
     10    let testHarness = await fetch(`${sameOrigin}/resources/testharness.js`)
     11        .then(r => r.text());
     12 
     13    // Test that fetching same-origin is allowed by COEP.
     14    let same_origin_allowed_test = testName => `
     15        promise_test(async t => {
     16          return fetch("${sameOrigin}/common/blank.html", { mode: "no-cors" });
     17        }, "${testName}: Same origin should be allowed.");
     18    `;
     19 
     20    // For data URLs, since everything is cross-origin in that case.
     21    let same_origin_blocked_test = testName => `
     22        promise_test(t => {
     23          return promise_rejects_js(
     24              t, TypeError,
     25              fetch("${sameOrigin}/common/blank.html", { mode: "no-cors" }));
     26        }, "${testName}: Same origin should be blocked.");
     27    `;
     28 
     29    // Test that fetching cross-origin is blocked by COEP.
     30    let cross_origin_blocked_test = testName => `
     31        promise_test(t => {
     32          return promise_rejects_js(
     33              t, TypeError,
     34              fetch("${crossOrigin}/common/blank.html", { mode: "no-cors" }));
     35        }, "${testName}: Cross origin should be blocked.");
     36    `;
     37 
     38    let blob_string = testName => testHarness +
     39        same_origin_allowed_test(testName) +
     40        cross_origin_blocked_test(testName) + "done();";
     41 
     42    let data_string = testName => testHarness +
     43        same_origin_blocked_test(testName) +
     44        cross_origin_blocked_test(testName) + "done();";
     45 
     46    let blob_url = context => {
     47      let blob = new Blob([blob_string(`blob URL ${context}`)],
     48                          { type: 'application/javascript' });
     49      return URL.createObjectURL(blob);
     50    };
     51 
     52    await fetch_tests_from_worker(new Worker(blob_url("dedicated worker")));
     53    await fetch_tests_from_worker(new SharedWorker(blob_url("shared worker")));
     54 
     55    let data_url = context => `data:application/javascript,` +
     56        `${encodeURIComponent(data_string("data URL " + context))}`;
     57 
     58    await fetch_tests_from_worker(new Worker(data_url("dedicated worker")));
     59    await fetch_tests_from_worker(new Worker(data_url("shared worker")));
     60  });
     61 </script>
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE