tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

opaque-origin.https.window.js (2045B)

      1 // META: title=Storage Buckets API: Interface is not exposed in opaque origins.
      2 // META: script=resources/util.js
      3 // META: global=window
      4 
      5 const kSandboxWindowUrl = 'resources/opaque-origin-sandbox.html';
      6 
      7 function add_iframe(test, src, sandbox) {
      8  const iframe = document.createElement('iframe');
      9  iframe.src = src;
     10  if (sandbox !== undefined) {
     11    iframe.sandbox = sandbox;
     12  }
     13  document.body.appendChild(iframe);
     14  test.add_cleanup(() => {
     15    iframe.remove();
     16  });
     17 }
     18 
     19 // |kSandboxWindowUrl| sends the result of methods on StorageBucketManager.
     20 // For windows using sandbox="allow-scripts", it must produce a rejected
     21 // promise.
     22 async function verify_results_from_sandboxed_child_window(test) {
     23  const event_watcher = new EventWatcher(test, self, 'message');
     24 
     25  const first_message_event = await event_watcher.wait_for('message');
     26  assert_equals(
     27    first_message_event.data,
     28    'navigator.storageBuckets.open(): REJECTED: SecurityError');
     29 
     30  const second_message_event = await event_watcher.wait_for('message');
     31  assert_equals(
     32    second_message_event.data,
     33    'navigator.storageBuckets.keys(): REJECTED: SecurityError');
     34 
     35  const third_message_event = await event_watcher.wait_for('message');
     36  assert_equals(
     37    third_message_event.data,
     38    'navigator.storageBuckets.delete(): REJECTED: SecurityError');
     39 }
     40 
     41 promise_test(async testCase => {
     42  prepareForBucketTest(testCase);
     43  add_iframe(testCase, kSandboxWindowUrl, /*sandbox=*/ 'allow-scripts');
     44  await verify_results_from_sandboxed_child_window(testCase);
     45 }, 'StorageBucketManager methods must reject in a sandboxed iframe.');
     46 
     47 promise_test(async testCase => {
     48  prepareForBucketTest(testCase);
     49  const child_window_url = kSandboxWindowUrl +
     50      '?pipe=header(Content-Security-Policy, sandbox allow-scripts)';
     51 
     52  const child_window = window.open(child_window_url);
     53  testCase.add_cleanup(() => {
     54    child_window.close();
     55  });
     56 
     57  await verify_results_from_sandboxed_child_window(testCase);
     58 }, 'StorageBucketManager methods must reject in a sandboxed opened window.');