tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

partitioned-cookies-3p-frame.html (2790B)

      1 <!DOCTYPE html>
      2 <head>
      3 <meta charset="utf-8"/>
      4 <meta name="timeout" content="long">
      5 <title>Service Worker: Partitioned Cookies 3P Iframe</title>
      6 <script src="partitioned-cookies-test-helpers.js"></script>
      7 <script src="/resources/testharness.js"></script>
      8 <script src="test-helpers.sub.js"></script>
      9 </head>
     10 
     11 <body>
     12 <script>
     13 
     14 promise_test(async t => {
     15  const script = './partitioned-cookies-3p-sw.js';
     16  const scope = './partitioned-cookies-3p-';
     17  const absolute_scope = new URL(scope, window.location).href;
     18 
     19  assert_false(
     20      document.cookie.includes('__Host-partitioned=123'),
     21      'DOM cannot access partitioned cookie');
     22 
     23  const reg = await service_worker_unregister_and_register(t, script, scope);
     24  await wait_for_state(t, reg.installing, 'activated');
     25 
     26  let retrieved_registrations =
     27        await navigator.serviceWorker.getRegistrations();
     28  let filtered_registrations =
     29    retrieved_registrations.filter(reg => reg.scope == absolute_scope);
     30 
     31  const next_message = worker_message_generator();
     32 
     33  // First test that the worker script started correctly and message passing
     34  // is enabled.
     35  filtered_registrations[0].active.postMessage({type: 'test_message'});
     36  const msg1 = await next_message();
     37  assert_true(msg1.ok, 'Message passing');
     38 
     39  // Test that the partitioned cookie is not available to this worker via HTTP.
     40  filtered_registrations[0].active.postMessage({type: 'echo_cookies_http'});
     41  const msg2 = await next_message();
     42  assert_true(msg2.ok, 'Get cookies');
     43  assert_false(
     44      msg2.cookies.includes('__Host-partitioned'),
     45      'Worker cannot access partitioned cookie via HTTP');
     46  assert_true(
     47      msg2.cookies.includes('unpartitioned'),
     48      'Worker can access unpartitioned cookie via HTTP');
     49 
     50  // Test that the partitioned cookie is not available to this worker via
     51  // CookieStore API.
     52  filtered_registrations[0].active.postMessage({type: 'echo_cookies_js'});
     53  const msg3 = await next_message();
     54  assert_true(msg3.ok, 'Get cookies');
     55  assert_false(
     56      msg3.cookies.includes('__Host-partitioned'),
     57      'Worker cannot access partitioned cookie via JS');
     58  assert_true(
     59      msg3.cookies.includes('unpartitioned'),
     60      'Worker can access unpartitioned cookie via JS');
     61 
     62  // Test that the partitioned cookie is not available to this worker in HTTP
     63  // requests from importScripts.
     64  filtered_registrations[0].active.postMessage({type: 'echo_cookies_import'});
     65  const msg4 = await next_message();
     66  assert_true(msg4.ok, 'Get cookies');
     67  assert_false(
     68      msg4.cookies.includes('__Host-partitioned'),
     69      'Worker cannot access partitioned cookie via importScripts');
     70  assert_true(
     71      msg4.cookies.includes('unpartitioned'),
     72      'Worker can access unpartitioned cookie via importScripts');
     73 });
     74 
     75 </script>
     76 </body>
     77 </html>