tor-browser

The Tor Browser

iframe-inheritance-javascript-child.html (2818B)


      <!doctype html>
      <!--
        Referrer-policy inheritance check for javascript: URLs hosted by a srcdoc iframe.
        This top-level document declares the policy "unsafe-url". Each case builds a srcdoc
        iframe that either declares no policy of its own or declares "no-referrer", runs a
        javascript: URL in or under it, and compares the referrer reported back through
        postMessage with the expected value. A failure in the "no-referrer" cases would mean
        a frame that opted out of sending a referrer still discloses one.
      -->
      <title>Referrer Policy: iframes with javascript url reuse referrer policy</title>
      <script src="/resources/testharness.js"></script>
      <script src="/resources/testharnessreport.js"></script>
      <script src="/common/get-host-info.sub.js"></script>
      <script src="resources/make-html-script.js"></script>
      <meta name="referrer" content="unsafe-url">
      <div id="log"></div>
      <script>
      // Group 1: the javascript: URL is the src of a child iframe created inside the
      // srcdoc iframe's document.
      for (const { srcDocPolicy, expected } of [
        // No policy in the srcdoc markup: the custom referrer is expected to be reported.
        { srcDocPolicy: ``, expected: location.origin + "/custom" },
        // The srcdoc markup opts out: no referrer is expected to be reported.
        { srcDocPolicy: `<meta name="referrer" content="no-referrer">`, expected: undefined },
      ]) {
        promise_test(t => new Promise(resolve => {
          // The generated script reports what it observed via postMessage; the test reads
          // msg.data.referrer. The listener is one-shot, so each case consumes one message.
          const onReport = t.step_func(msg => {
            assert_equals(msg.data.referrer, expected);
            resolve();
          });
          window.addEventListener("message", onReport, { once: true });

          const outerFrame = document.createElement("iframe");
          t.add_cleanup(() => outerFrame.remove());
          outerFrame.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`;
          outerFrame.onload = t.step_func(() => {
            // Detach the handler so this setup runs only for the first load event.
            outerFrame.onload = null;
            const outerDoc = outerFrame.contentDocument;
            const innerFrame = outerDoc.createElement("iframe");
            // An explicit referrer is passed for the fetch request. Without it the frame's
            // URL is "about:blank" and the Referer header would always be empty:
            // https://w3c.github.io/webappsec-referrer-policy/#strip-url.
            // createScriptString comes from resources/make-html-script.js (not shown here);
            // presumably it emits a script that fetches from the given origin and posts the
            // observed referrer back to this window.
            const remoteOrigin = get_host_info().REMOTE_ORIGIN;
            const customReferrer = location.origin + "/custom";
            const scriptText = createScriptString(remoteOrigin, customReferrer);
            innerFrame.src = `javascript:'${scriptText}'`;
            outerDoc.body.appendChild(innerFrame);
          });
          document.body.appendChild(outerFrame);
        }));
      }

      // Group 2: the srcdoc iframe itself is navigated to the javascript: URL.
      for (const { srcDocPolicy, expected } of [
        // Running a javascript: URL does not change the document URL, and the referrer
        // computation for a srcdoc iframe defers recursively to its parent, so the full
        // URL of this main document is expected.
        { srcDocPolicy: ``, expected: location.href },
        // The srcdoc markup opts out: no referrer is expected to be reported.
        { srcDocPolicy: `<meta name="referrer" content="no-referrer">`, expected: undefined },
      ]) {
        promise_test(t => new Promise(resolve => {
          const onReport = t.step_func(msg => {
            assert_equals(msg.data.referrer, expected);
            resolve();
          });
          window.addEventListener("message", onReport, { once: true });

          const outerFrame = document.createElement("iframe");
          t.add_cleanup(() => outerFrame.remove());
          outerFrame.srcdoc = `${srcDocPolicy}<body><h1>Outer iframe</h1></body>`;
          outerFrame.onload = t.step_func(() => {
            // Detach the handler so this setup runs only for the first load event.
            outerFrame.onload = null;
            // No custom referrer argument here, unlike group 1.
            const scriptText = createScriptString(get_host_info().REMOTE_ORIGIN);
            outerFrame.contentWindow.location = `javascript:'${scriptText}'`;
          });
          document.body.appendChild(outerFrame);
        }));
      }

      </script>