tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

nested-contexts.js (2596B)

      1 let destination = location;
      2 
      3 if (location.search == "?cross-site") {
      4    const https = destination.protocol.startsWith("https");
      5    destination = get_host_info()[https ? 'HTTPS_NOTSAMESITE_ORIGIN' : 'HTTP_NOTSAMESITE_ORIGIN'];
      6 } else if (location.search == "?crossorigin") {
      7    destination =  get_host_info().REMOTE_ORIGIN;
      8 }
      9 
     10 const pre_navigate_url =
     11  new URL("/resource-timing/resources/document-that-navigates.html",
     12    destination).href;
     13 const post_navigate_url =
     14  new URL("/resource-timing/resources/document-navigated.html",
     15    destination).href;
     16 const pre_refresh_url =
     17  new URL("/resource-timing/resources/document-that-refreshes.html",
     18    destination).href;
     19 const post_refresh_url =
     20  new URL("/resource-timing/resources/document-refreshed.html",
     21    destination).href;
     22 
     23 const setup_navigate_or_refresh = (type, pre, post) => {
     24  const verify_document_navigate_not_observable = () => {
     25    if (performance.getEntriesByName(post).length) {
     26      opener.postMessage(`FAIL - ${type} document should not be observable`,
     27      `*`);
     28 
     29    }
     30 
     31    opener.postMessage("PASS", "*");
     32  }
     33  window.addEventListener("message", e => {
     34    if (e.data == type) {
     35      verify_document_navigate_not_observable();
     36    }
     37  });
     38 }
     39 
     40 const setup_navigate_test = () => {
     41  setup_navigate_or_refresh("navigated", pre_navigate_url, post_navigate_url);
     42 }
     43 
     44 const setup_refresh_test = () => {
     45  setup_navigate_or_refresh("refreshed", pre_refresh_url, post_refresh_url);
     46 }
     47 
     48 const setup_back_navigation = pushed_url => {
     49  const verify_document_navigate_not_observable = navigated_back => {
     50    if (performance.getEntriesByName(post_navigate_url).length) {
     51      opener.postMessage("FAIL - navigated document exposed", "*");
     52    }
     53    if (navigated_back) {
     54      opener.postMessage("PASS", "*");
     55    }
     56  }
     57  window.addEventListener("message", e => {
     58    if (e.data == "navigated") {
     59      verify_document_navigate_not_observable(sessionStorage.navigated);
     60      if (sessionStorage.navigated) {
     61        delete sessionStorage.navigated;
     62      } else {
     63        sessionStorage.navigated = true;
     64        setTimeout(() => {
     65          history.pushState({}, "", pushed_url);
     66          location.href="navigate_back.html";
     67        }, 0);
     68      }
     69    }
     70  });
     71 }
     72 
     73 const open_test_window = (url, message) => {
     74  promise_test(() => {
     75    return new Promise((resolve, reject) => {
     76      const openee = window.open(url);
     77      addEventListener("message", e => {
     78        openee.close();
     79        if (e.data == "PASS") {
     80          resolve();
     81        } else {
     82          reject(e.data);
     83        }
     84      });
     85    });
     86  }, message);
     87 }