tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

basic-dedicated-worker.https.html (3600B)

      1 <!doctype html>
      2 <html>
      3  <head>
      4    <meta charset=utf-8>
      5    <title>Test WorkerGlobalScope.isSecureContext for HTTPS creator</title>
      6    <meta name="help" href="https://w3c.github.io/webappsec-secure-contexts/#monkey-patching-global-object">
      7    <script src=/resources/testharness.js></script>
      8    <script src=/resources/testharnessreport.js></script>
      9    <script src="server-locations.sub.js"></script>
     10  </head>
     11  <body>
     12    <script>
     13      var t1 = async_test("HTTP worker");
     14      var t2 = async_test("HTTPS worker");
     15      var t3 = async_test("HTTP nested worker");
     16      var t4 = async_test("HTTPS nested worker");
     17      var t5 = async_test("HTTP worker from HTTPS subframe");
     18      var t6 = async_test("HTTPS worker from HTTPS subframe");
     19      var t7 = async_test("Worker from data URL");
     20 
     21      try {
     22        var w1 = new Worker(http_dir + "support/dedicated-worker-script.js");
     23        w1.onmessage = t1.step_func_done(function(e) {
     24          assert_unreached("cross-origin workers should not be loaded");
     25        });
     26        w1.onerror = t1.step_func_done(function(e) {
     27          e.preventDefault();
     28        });
     29      } catch (e) {
     30        // Some browsers throw for cross-origin URLs. This violates the Worker spec,
     31        // but isn't actually relevant to what we're testing here.
     32        t1.done();
     33      }
     34 
     35      var w2 = new Worker(https_dir + "support/dedicated-worker-script.js");
     36      w2.onmessage = t2.step_func_done(function(e) {
     37        assert_true(e.data);
     38      });
     39      w2.onerror = t2.step_func_done(function(e) {
     40        assert_unreached("isSecureContext should be supported");
     41      });
     42 
     43      try {
     44        var w3 = new Worker(http_dir + "support/parent-dedicated-worker-script.js");
     45        w3.onmessage = t3.step_func_done(function(e) {
     46          assert_unreached("cross-origin workers should not be loaded");
     47        });
     48        w3.onerror = t3.step_func_done(function(e) {
     49          e.preventDefault();
     50        });
     51      } catch (e) {
     52        // Some browsers throw for cross-origin URLs. This violates the Worker spec,
     53        // but isn't actually relevant to what we're testing here.
     54        t3.done();
     55      }
     56 
     57      var w4 = new Worker(https_dir + "support/parent-dedicated-worker-script.js");
     58      w4.onmessage = t4.step_func_done(function(e) {
     59        assert_true(e.data);
     60      });
     61      w4.onerror = t4.step_func_done(function(e) {
     62        assert_unreached("isSecureContext should be supported");
     63      });
     64 
     65      onmessage = function(e) {
     66        var data = e.data;
     67        if (data.type == "http") {
     68          t5.step(function() {
     69            assert_true(data.error);
     70          });
     71          t5.done();
     72        } else if (data.type == "https") {
     73          t6.step(function() {
     74            assert_false(data.error);
     75            assert_true(data.isSecureContext);
     76          });
     77          t6.done();
     78        } else {
     79          t5.step(function() {
     80            assert_unreached("Unknown message");
     81          });
     82          t5.done();
     83          t6.step(function() {
     84            assert_unreached("Unknown message");
     85          });
     86          t6.done();
     87        }
     88      }
     89 
     90      var ifr = document.createElement("iframe");
     91      ifr.src = https_dir + "support/https-subframe-dedicated.html";
     92      document.body.appendChild(ifr);
     93 
     94      var w7 = new Worker("data:text/javascript,postMessage(isSecureContext);");
     95      w7.onmessage = t7.step_func_done(function(e) {
     96        assert_true(e.data);
     97      });
     98      w7.onerror = t7.step_func_done(function(e) {
     99        assert_unreached("isSecureContext should be supported");
    100      });
    101    </script>
    102  </body>
    103 </html>