tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

opaque-origin.https.html (2919B)

      1 <!DOCTYPE html>
      2 <meta charset=utf-8>
      3 <title>Web Locks API: Opaque origins</title>
      4 <link rel=help href="https://w3c.github.io/web-locks/">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <script>
      8 
      9 function load_iframe(src, sandbox) {
     10  return new Promise(resolve => {
     11    const iframe = document.createElement('iframe');
     12    iframe.onload = () => { resolve(iframe); };
     13    if (sandbox)
     14      iframe.sandbox = sandbox;
     15    iframe.srcdoc = src;
     16    iframe.style.display = 'none';
     17    document.documentElement.appendChild(iframe);
     18  });
     19 }
     20 
     21 function wait_for_message(iframe) {
     22  return new Promise(resolve => {
     23    self.addEventListener('message', function listener(e) {
     24      if (e.source === iframe.contentWindow) {
     25        resolve(e.data);
     26        self.removeEventListener('message', listener);
     27      }
     28    });
     29  });
     30 }
     31 
     32 const script = `
     33 <script>
     34  "use strict";
     35  window.onmessage = async (ev) => {
     36    try {
     37      switch (ev.data) {
     38        case "request":
     39          await navigator.locks.request('name', lock => {});
     40          break;
     41        case "query":
     42          await navigator.locks.query();
     43          break;
     44        default:
     45          window.parent.postMessage({result: "unexpected message"}, "*");
     46          return;
     47      }
     48      window.parent.postMessage({result: "no exception"}, "*");
     49    } catch (ex) {
     50      window.parent.postMessage({result: ex.name}, "*");
     51    };
     52  };
     53 <\/script>
     54 `;
     55 
     56 promise_test(async t => {
     57  const iframe = await load_iframe(script);
     58  iframe.contentWindow.postMessage("request", '*');
     59  const message = await wait_for_message(iframe);
     60  assert_equals(message.result, 'no exception',
     61                'navigator.locks.request() should not throw');
     62 }, 'navigator.locks.request() in non-sandboxed iframe should not throw');
     63 
     64 promise_test(async t => {
     65  const iframe = await load_iframe(script, 'allow-scripts');
     66  iframe.contentWindow.postMessage("request", '*');
     67  const message = await wait_for_message(iframe);
     68  assert_equals(message.result, 'SecurityError',
     69                'Exception should be SecurityError');
     70 }, 'navigator.locks.request() in sandboxed iframe should throw SecurityError');
     71 
     72 promise_test(async t => {
     73  const iframe = await load_iframe(script);
     74  iframe.contentWindow.postMessage("query", '*');
     75  const message = await wait_for_message(iframe);
     76  assert_equals(message.result, 'no exception',
     77                'navigator.locks.request() should not throw');
     78 }, 'navigator.locks.query() in non-sandboxed iframe should not throw');
     79 
     80 promise_test(async t => {
     81  const iframe = await load_iframe(script, 'allow-scripts');
     82  iframe.contentWindow.postMessage("query", '*');
     83  const message = await wait_for_message(iframe);
     84  assert_equals(message.result, 'SecurityError',
     85                'Exception should be SecurityError');
     86 }, 'navigator.locks.query() in sandboxed iframe should throw SecurityError');
     87 </script>