tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

coep-navigate-popup-unsafe-inherit.https.html (2106B)

      1 <!doctype html>
      2 <title>Historical: Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy: a navigating popup</title>
      3 <meta name=timeout content=long>
      4 <script src=/resources/testharness.js></script>
      5 <script src=/resources/testharnessreport.js></script>
      6 <script src=/common/subset-tests.js></script>
      7 <script src=/common/get-host-info.sub.js></script>
      8 <script src=/common/utils.js></script>
      9 <script src=../resources/common.js></script>
     10 <script src=/common/dispatcher/dispatcher.js></script>
     11 <script>
     12 [
     13  {
     14    "title": "coop unsafe-inherit/coep",
     15    "coop": "unsafe-inherit", // historical value, equivalent to "unsafe-none"
     16    "coep": "require-corp",
     17    "opener": false
     18  },
     19  {
     20    "title": "coop unsafe-inherit/no coep",
     21    "coop": "unsafe-inherit", // historical value, equivalent to "unsafe-none"
     22    "coep": "",
     23    "opener": false
     24  }
     25 ].forEach((variant) => {
     26  ["same-origin", "same-site"].forEach((site) => {
     27    const title = `Popup navigating to ${site} with ${variant.title}`;
     28    const responseToken = token();
     29    const iframeToken = token();
     30    const navigateHost = site === "same-origin" ? SAME_ORIGIN : SAME_SITE;
     31    const navigateURL = `${navigateHost.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=${variant.coop}&coep=${variant.coep}&responseToken=${responseToken}&iframeToken=${iframeToken}`;
     32    const opener = site === "same-origin" ? variant.opener : false;
     33 
     34    promise_test(t => {
     35      // For each test we open a COOP: same-origin/COEP: require-corp document in a popup and then
     36      // navigate that to either a document with same origin (site=="same-origin") or
     37      // not-same-origin (site=="same-site") whose COOP and COEP are set as per the top-most array.
     38      // We then verify that this document has the correct opener for its specific setup.
     39      return dispatcher_url_test(t, `${SAME_ORIGIN.origin}/html/cross-origin-opener-policy/resources/coop-coep.py?coop=same-origin&coep=require-corp&navigate=${encodeURIComponent(navigateURL)}`, responseToken, iframeToken, opener, undefined, () => t.done());
     40    }, title);
     41  });
     42 });
     43 </script>