tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

shared-storage-writable-permissions-policy-default.tentative.https.sub.html (3275B)

      1 <!doctype html>
      2 <body>
      3  <script src=/resources/testharness.js></script>
      4  <script src=/resources/testharnessreport.js></script>
      5  <script src=/permissions-policy/resources/permissions-policy.js></script>
      6  <script src=/common/utils.js></script>
      7  <script src=/fenced-frame/resources/utils.js></script>
      8  <script src=/shared-storage/resources/util.js></script>
      9  <script>
     10    'use strict';
     11    const header = 'Default permissions policy';
     12    const rawSetHeader = 'set;key=hello;value=world';
     13    const setHeader = encodeURIComponent(rawSetHeader);
     14    const sameOriginUrl =
     15          `/shared-storage/resources/shared-storage-write.py?write=${setHeader}`;
     16    const sameOrigin = generateURL(sameOriginUrl, []).origin;
     17    const crossOrigin = 'https://{{domains[www]}}:{{ports[https][0]}}';
     18    const crossOriginUrl = crossOrigin + sameOriginUrl;
     19 
     20    promise_test(async t => {
     21      let response = await fetch(sameOriginUrl,
     22                                 {sharedStorageWritable: true});
     23      let sharedStorageWritableHeader = await response.text();
     24      assert_equals(sharedStorageWritableHeader, "?1");
     25 
     26      await verifyKeyValueForOrigin('hello', 'world', sameOrigin);
     27      await deleteKeyForOrigin('hello', sameOrigin);
     28    }, header + ' allows the \'Sec-Shared-Storage-Writable\' header to be '
     29              + 'sent for the same-origin shared storage fetch request.');
     30 
     31    promise_test(async t => {
     32      let response = await fetch(crossOriginUrl,
     33                                 {sharedStorageWritable: true});
     34      let sharedStorageWritableHeader = await response.text();
     35      assert_equals(sharedStorageWritableHeader, "?1");
     36 
     37      await verifyKeyValueForOrigin('hello', 'world', crossOrigin);
     38      await deleteKeyForOrigin('hello', crossOrigin);
     39    }, header + ' allows the \'Sec-Shared-Storage-Writable\' header to be '
     40              + 'sent for the cross-origin shared storage fetch request.');
     41 
     42    promise_test(async t => {
     43      let response = await fetch('/common/redirect.py?location='
     44                                 + sameOriginUrl,
     45                                 {sharedStorageWritable: true});
     46      let sharedStorageWritableHeader = await response.text();
     47      assert_equals(sharedStorageWritableHeader, "?1");
     48 
     49      await verifyKeyValueForOrigin('hello', 'world', sameOrigin);
     50      await deleteKeyForOrigin('hello', sameOrigin);
     51    }, header + ' allows the \'Sec-Shared-Storage-Writable\' header to be '
     52              + 'sent for the redirect of a shared storage fetch request, '
     53              + 'where the redirect has a same-origin URL.');
     54 
     55    promise_test(async t => {
     56      let response = await fetch('/common/redirect.py?location='
     57                                 + crossOriginUrl,
     58                                 {sharedStorageWritable: true});
     59      let sharedStorageWritableHeader = await response.text();
     60      assert_equals(sharedStorageWritableHeader, "?1");
     61 
     62      await verifyKeyValueForOrigin('hello', 'world', crossOrigin);
     63      await deleteKeyForOrigin('hello', crossOrigin);
     64    }, header + ' allows the \'Sec-Shared-Storage-Writable\' header to be '
     65              + 'sent for the redirect of a shared storage fetch request, '
     66              + 'where the redirect has a cross-origin URL.');
     67  </script>
     68 </body>