tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

cross-partition.https.tentative.html (10140B)

      1 <!DOCTYPE html>
      2 <meta charset=utf-8>
      3 <meta name="timeout" content="long">
      4 <script src="/resources/testharness.js"></script>
      5 <script src="/resources/testharnessreport.js"></script>
      6 <script src="/common/get-host-info.sub.js"></script>
      7 <script src="/common/utils.js"></script>
      8 <script src="/common/dispatcher/dispatcher.js"></script>
      9 <!-- Pull in executor_path needed by newPopup / newIframe -->
     10 <script src="/html/cross-origin-embedder-policy/credentialless/resources/common.js"></script>
     11 <!-- Pull in importScript / newPopup / newIframe -->
     12 <script src="/html/anonymous-iframe/resources/common.js"></script>
     13 <body>
     14 <script>
     15 
     16 const cache_exists_js = (cache_name, response_queue_name) => `
     17  try {
     18    const exists = await self.caches.has("${cache_name}");
     19    if (exists) {
     20      await send("${response_queue_name}", "true");
     21    } else {
     22      await send("${response_queue_name}", "false");
     23    }
     24  } catch {
     25    await send("${response_queue_name}", "exception");
     26  }
     27 `;
     28 
     29 const add_iframe_js = (iframe_origin, response_queue_uuid) => `
     30  const importScript = ${importScript};
     31  await importScript("/html/cross-origin-embedder-policy/credentialless" +
     32                   "/resources/common.js");
     33  await importScript("/html/anonymous-iframe/resources/common.js");
     34  await importScript("/common/utils.js");
     35  await send("${response_queue_uuid}", newIframe("${iframe_origin}"));
     36 `;
     37 
     38 const same_site_origin = get_host_info().HTTPS_ORIGIN;
     39 const cross_site_origin = get_host_info().HTTPS_NOTSAMESITE_ORIGIN;
     40 
     41 async function create_test_iframes(t, response_queue_uuid) {
     42 
     43  // Create a same-origin iframe in a cross-site popup.
     44  const not_same_site_popup_uuid = newPopup(t, cross_site_origin);
     45  await send(not_same_site_popup_uuid,
     46       add_iframe_js(same_site_origin, response_queue_uuid));
     47  const iframe_1_uuid = await receive(response_queue_uuid);
     48 
     49  // Create a same-origin iframe in a same-site popup.
     50  const same_origin_popup_uuid = newPopup(t, same_site_origin);
     51  await send(same_origin_popup_uuid,
     52       add_iframe_js(same_site_origin, response_queue_uuid));
     53  const iframe_2_uuid = await receive(response_queue_uuid);
     54 
     55  return [iframe_1_uuid, iframe_2_uuid];
     56 }
     57 
     58 promise_test(t => {
     59  return new Promise(async (resolve, reject) => {
     60    try {
     61      const response_queue_uuid = token();
     62 
     63      const [iframe_1_uuid, iframe_2_uuid] =
     64        await create_test_iframes(t, response_queue_uuid);
     65 
     66      const cache_name = token();
     67      await self.caches.open(cache_name);
     68      t.add_cleanup(() => self.caches.delete(cache_name));
     69 
     70      await send(iframe_2_uuid,
     71           cache_exists_js(cache_name, response_queue_uuid));
     72      if (await receive(response_queue_uuid) !== "true") {
     73        reject("Cache not visible in same-top-level-site iframe");
     74      }
     75 
     76      await send(iframe_1_uuid,
     77           cache_exists_js(cache_name, response_queue_uuid));
     78      if (await receive(response_queue_uuid) !== "false") {
     79        reject("Cache visible in not-same-top-level-site iframe");
     80      }
     81 
     82      resolve();
     83    } catch (e) {
     84      reject(e);
     85    }
     86  });
     87 }, "CacheStorage caches shouldn't be shared with a cross-partition iframe");
     88 
     89 const newWorker = (origin) => {
     90  const worker_token = token();
     91  const worker_url = origin + executor_worker_path + `&uuid=${worker_token}`;
     92  const worker = new Worker(worker_url);
     93  return worker_token;
     94 }
     95 
     96 promise_test(t => {
     97  return new Promise(async (resolve, reject) => {
     98    try {
     99      const response_queue_uuid = token();
    100 
    101      const create_worker_js = (origin) => `
    102        const importScript = ${importScript};
    103        await importScript("/html/cross-origin-embedder-policy/credentialless" +
    104                         "/resources/common.js");
    105        await importScript("/html/anonymous-iframe/resources/common.js");
    106        await importScript("/common/utils.js");
    107        const newWorker = ${newWorker};
    108        await send("${response_queue_uuid}", newWorker("${origin}"));
    109      `;
    110 
    111      const [iframe_1_uuid, iframe_2_uuid] =
    112        await create_test_iframes(t, response_queue_uuid);
    113 
    114      // Create a dedicated worker in the cross-top-level-site iframe.
    115      await send(iframe_1_uuid, create_worker_js(same_site_origin));
    116      const worker_1_uuid = await receive(response_queue_uuid);
    117 
    118      // Create a dedicated worker in the same-top-level-site iframe.
    119      await send(iframe_2_uuid, create_worker_js(same_site_origin));
    120      const worker_2_uuid = await receive(response_queue_uuid);
    121 
    122      const cache_name = token();
    123      await self.caches.open(cache_name);
    124      t.add_cleanup(() => self.caches.delete(cache_name));
    125 
    126      await send(worker_2_uuid,
    127           cache_exists_js(cache_name, response_queue_uuid));
    128      if (await receive(response_queue_uuid) !== "true") {
    129        reject("Cache not visible in same-top-level-site worker");
    130      }
    131 
    132      await send(worker_1_uuid,
    133           cache_exists_js(cache_name, response_queue_uuid));
    134      if (await receive(response_queue_uuid) !== "false") {
    135        reject("Cache visible in not-same-top-level-site worker");
    136      }
    137      resolve();
    138    } catch (e) {
    139      reject(e);
    140    }
    141  });
    142 }, "CacheStorage caches shouldn't be shared with a cross-partition dedicated worker");
    143 
    144 const newSharedWorker = (origin) => {
    145  const worker_token = token();
    146  const worker_url = origin + executor_worker_path + `&uuid=${worker_token}`;
    147  const worker = new SharedWorker(worker_url, worker_token);
    148  return worker_token;
    149 }
    150 
    151 promise_test(t => {
    152  return new Promise(async (resolve, reject) => {
    153    try {
    154      const response_queue_uuid = token();
    155 
    156      const create_worker_js = (origin) => `
    157        const importScript = ${importScript};
    158        await importScript("/html/cross-origin-embedder-policy/credentialless" +
    159                         "/resources/common.js");
    160        await importScript("/html/anonymous-iframe/resources/common.js");
    161        await importScript("/common/utils.js");
    162        const newSharedWorker = ${newSharedWorker};
    163        await send("${response_queue_uuid}", newSharedWorker("${origin}"));
    164      `;
    165 
    166      const [iframe_1_uuid, iframe_2_uuid] =
    167        await create_test_iframes(t, response_queue_uuid);
    168 
    169      // Create a shared worker in the cross-top-level-site iframe.
    170      await send(iframe_1_uuid, create_worker_js(same_site_origin));
    171      const worker_1_uuid = await receive(response_queue_uuid);
    172 
    173      // Create a shared worker in the same-top-level-site iframe.
    174      await send(iframe_2_uuid, create_worker_js(same_site_origin));
    175      const worker_2_uuid = await receive(response_queue_uuid);
    176 
    177      const cache_name = token();
    178      await self.caches.open(cache_name);
    179      t.add_cleanup(() => self.caches.delete(cache_name));
    180 
    181      await send(worker_2_uuid,
    182           cache_exists_js(cache_name, response_queue_uuid));
    183      if (await receive(response_queue_uuid) !== "true") {
    184        reject("Cache not visible in same-top-level-site worker");
    185      }
    186 
    187      await send(worker_1_uuid,
    188           cache_exists_js(cache_name, response_queue_uuid));
    189      if (await receive(response_queue_uuid) !== "false") {
    190        reject("Cache visible in not-same-top-level-site worker");
    191      }
    192      resolve();
    193    } catch (e) {
    194      reject(e);
    195    }
    196  });
    197 }, "CacheStorage caches shouldn't be shared with a cross-partition shared worker");
    198 
    199 const newServiceWorker = async (origin) => {
    200  const worker_token = token();
    201  const worker_url = origin + executor_service_worker_path +
    202                     `&uuid=${worker_token}`;
    203  const worker_url_path = executor_service_worker_path.substring(0,
    204                              executor_service_worker_path.lastIndexOf('/'));
    205  const scope = worker_url_path + "/not-used/";
    206  const reg = await navigator.serviceWorker.register(worker_url,
    207                                                     {'scope': scope});
    208  return worker_token;
    209 }
    210 
    211 promise_test(t => {
    212  return new Promise(async (resolve, reject) => {
    213    try {
    214      const response_queue_uuid = token();
    215 
    216      const create_worker_js = (origin) => `
    217        const importScript = ${importScript};
    218        await importScript("/html/cross-origin-embedder-policy/credentialless" +
    219                         "/resources/common.js");
    220        await importScript("/html/anonymous-iframe/resources/common.js");
    221        await importScript("/common/utils.js");
    222        const newServiceWorker = ${newServiceWorker};
    223        await send("${response_queue_uuid}", await newServiceWorker("${origin}"));
    224      `;
    225 
    226      const [iframe_1_uuid, iframe_2_uuid] =
    227        await create_test_iframes(t, response_queue_uuid);
    228 
    229      // Create a service worker in the same-top-level-site iframe.
    230      await send(iframe_2_uuid, create_worker_js(same_site_origin));
    231      const worker_2_uuid = await receive(response_queue_uuid);
    232 
    233      t.add_cleanup(() =>
    234        send(worker_2_uuid, "self.registration.unregister();"));
    235 
    236      const cache_name = token();
    237      await self.caches.open(cache_name);
    238      t.add_cleanup(() => self.caches.delete(cache_name));
    239 
    240      await send(worker_2_uuid,
    241           cache_exists_js(cache_name, response_queue_uuid));
    242      if (await receive(response_queue_uuid) !== "true") {
    243        reject("Cache not visible in same-top-level-site worker");
    244      }
    245 
    246      // Create a service worker in the cross-top-level-site iframe. Note that
    247      // if service workers are unpartitioned then this new service worker would
    248      // replace the one created above. This is why we wait to create the second
    249      // service worker until after we are done with the first one.
    250      await send(iframe_1_uuid, create_worker_js(same_site_origin));
    251      const worker_1_uuid = await receive(response_queue_uuid);
    252 
    253      t.add_cleanup(() =>
    254        send(worker_1_uuid, "self.registration.unregister();"));
    255 
    256      await send(worker_1_uuid,
    257           cache_exists_js(cache_name, response_queue_uuid));
    258      if (await receive(response_queue_uuid) !== "false") {
    259        reject("Cache visible in not-same-top-level-site worker");
    260      }
    261 
    262      resolve();
    263    } catch (e) {
    264      reject(e);
    265    }
    266  });
    267 }, "CacheStorage caches shouldn't be shared with a cross-partition service worker");
    268 </script>
    269 </body>