tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

cross-origin-worklet-in-sandboxed-frame.tentative.https.sub.html (2303B)

      1 <!doctype html>
      2 <body>
      3  <script src=/resources/testharness.js></script>
      4  <script src=/resources/testharnessreport.js></script>
      5  <script src=/common/utils.js></script>
      6  <script src=/fenced-frame/resources/utils.js></script>
      7  <script src=/shared-storage/resources/util.js></script>
      8  <script>
      9    promise_test(async t => {
     10      const cross_origin = 'https://{{domains[www]}}:{{ports[https][0]}}';
     11      const ancestor_token = token();
     12      const set_key = 'a';
     13      const set_value = 'b';
     14 
     15      // Create sandboxed iframe.
     16      let frame = document.createElement('iframe');
     17      frame.sandbox = 'allow-scripts';
     18      frame.src = '/shared-storage/resources/' +
     19        'cross-origin-worklet-in-sandboxed-frame-inner.https.sub.html' +
     20        `?cross_origin=${cross_origin}` +
     21        `&ancestor_token=${ancestor_token}` +
     22        `&mock_select_url_result_index=0` +
     23        `&set_key=${set_key}` +
     24        `&set_value=${set_value}`;
     25 
     26      let select_url_result_urn;
     27 
     28      // We expect a message to bubble up via the sandboxed iframe.
     29      const createWorkletAndSelectUrlInsideSandboxedFramePromise = new Promise((resolve, reject) => {
     30        window.addEventListener('message', async function handler(evt) {
     31          if (evt.source === frame.contentWindow) {
     32            assert_true(evt.data.success,
     33                        "createWorklet() failed inside the sandboxed iframe");
     34            select_url_result_urn = evt.data.selectUrlResultUrn;
     35 
     36            document.body.removeChild(frame);
     37            window.removeEventListener('message', handler);
     38            resolve();
     39          }
     40        });
     41        window.addEventListener('error', () => {
     42          reject(new Error('Navigation error'));
     43        });
     44      });
     45 
     46      // Navigate and wait for notification.
     47      document.body.appendChild(frame);
     48      await createWorkletAndSelectUrlInsideSandboxedFramePromise;
     49 
     50      attachFencedFrame(select_url_result_urn, 'opaque-ads');
     51      const result0 = await nextValueFromServer(ancestor_token);
     52      assert_equals(result0, "frame0_loaded");
     53 
     54      await verifyKeyValueForOrigin(set_key, set_value, cross_origin);
     55 
     56      // Clean up and finish.
     57      await sharedStorage.delete(set_key);
     58    }, 'test createWorklet() in sandboxed iframe and verify its data origin');
     59  </script>
     60 </body>