tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

shared-storage-writable-delete.tentative.https.sub.html (2288B)

      1 <!doctype html>
      2 <body>
      3  <script src=/resources/testharness.js></script>
      4  <script src=/resources/testharnessreport.js></script>
      5  <script src=/common/utils.js></script>
      6  <script src=/common/get-host-info.sub.js></script>
      7  <script src=/fenced-frame/resources/utils.js></script>
      8  <script src=/shared-storage/resources/util.js></script>
      9  <script>
     10    'use strict';
     11 
     12    const rawDeleteHeader = 'delete;key=hello';
     13    const deleteHeader = encodeURIComponent(rawDeleteHeader);
     14    const sameOriginDeleteUrl =
     15      `/shared-storage/resources/shared-storage-write.py?write=${deleteHeader}`
     16    const sameOrigin = generateURL(sameOriginDeleteUrl, []).origin;
     17    const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
     18    const crossOriginDeleteUrl = crossOrigin + sameOriginDeleteUrl;
     19 
     20    promise_test(async t => {
     21      await sharedStorage.set("hello", "there");
     22      await verifyKeyValueForOrigin('hello', 'there', sameOrigin);
     23 
     24      let response = await fetch(sameOriginDeleteUrl,
     25                                 {sharedStorageWritable: true});
     26      let sharedStorageWritableHeader = await response.text();
     27      assert_equals(sharedStorageWritableHeader, "?1");
     28 
     29      // JS does not see the `Shared-Storage-Write` response header.
     30      assert_false(!!response.headers.get('Shared-Storage-Write'));
     31 
     32      await verifyKeyNotFoundForOrigin('hello', sameOrigin);
     33    }, 'Deleting from shared storage via the \'Shared-Storage-Write\' header '
     34       + 'for a same-origin shared storage fetch request');
     35 
     36    promise_test(async t => {
     37      await setKeyValueForOrigin('hello', 'there', crossOrigin);
     38      await verifyKeyValueForOrigin('hello', 'there', crossOrigin);
     39 
     40      let response = await fetch(crossOriginDeleteUrl,
     41                                 {sharedStorageWritable: true});
     42      let sharedStorageWritableHeader = await response.text();
     43      assert_equals(sharedStorageWritableHeader, "?1");
     44 
     45      // JS does not see the `Shared-Storage-Write` response header.
     46      assert_false(!!response.headers.get('Shared-Storage-Write'));
     47 
     48      await verifyKeyNotFoundForOrigin('hello', crossOrigin);
     49    }, 'Deleting from shared storage via the \'Shared-Storage-Write\' header '
     50       + 'for a cross-origin shared storage fetch request');
     51  </script>
     52 </body>