tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

coop-same-origin-allow-popups-document-write.html (2284B)

      1 <!doctype html>
      2 <script src="/resources/testharness.js"></script>
      3 <script src="/resources/testharnessreport.js"></script>
      4 <script src="/common/get-host-info.sub.js"></script>
      5 <script src="/common/utils.js"></script>
      6 <script src="/common/dispatcher/dispatcher.js"></script>
      7 <script>
      8 
      9 /*
     10  Regression test for: https://crbug.com/1216244
     11  From a window using Cross-Origin-Opener-Policy:same-origin-allow-popup, open
     12  a new blank window and navigate it cross-origin using document.write and a
     13  meta refresh. The openee/opener relationship must hold.
     14 */
     15 
     16 const executor_path = '/common/dispatcher/executor.html?pipe=';
     17 const coep_soap =
     18  "|header(Cross-Origin-Opener-Policy,same-origin-allow-popups)";
     19 const same_origin = get_host_info().HTTPS_ORIGIN;
     20 const cross_origin = get_host_info().HTTPS_REMOTE_ORIGIN;
     21 
     22 promise_test(async t => {
     23  // This window:
     24  const this_window_token = token();
     25 
     26  // The opener, using COEP:same-origin-allow-popups:
     27  const opener_token = token();
     28  const opener_url = same_origin + executor_path + coep_soap +
     29    `&uuid=${opener_token}`;
     30  const opener = window.open(opener_url);
     31 
     32  // Open a blank window, then use document.write and a meta refresh to navigate
     33  // cross-origin.
     34  const openee_token = token();
     35  const openee_url = cross_origin + executor_path + `&uuid=${openee_token}`;
     36  send(opener_token, `
     37    openee = window.open();
     38    openee.document.write(\`
     39      <meta http-equiv="refresh" content="0; url=${openee_url}">
     40    \`);
     41    openee.document.close();
     42  `);
     43 
     44  // Check the openee is loaded without access to the opener.
     45  send(openee_token, `
     46    send("${this_window_token}", opener == null)
     47  `);
     48  assert_equals(await receive(this_window_token), "true", "opener == null");
     49 
     50  // To get the state of the openee reflected into the opener's process, waiting
     51  // for the openee' document to load and the various fetch() with the
     52  // dispatcher should be largely enough. However these aren't causal guarantee.
     53  // So wait a bit to be sure:
     54  await new Promise(r => t.step_timeout(r, 1000));
     55 
     56  // Check the opener see the openee as 'closed' after the navigation.
     57  send(opener_token, `
     58    send("${this_window_token}", openee.closed)
     59  `);
     60  assert_equals(await receive(this_window_token), "true", "openee.closed");
     61 });
     62 </script>