tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

localstorage-basic-partitioned.sub.html (2486B)

      1 <!doctype html>
      2 <meta charset=utf-8>
      3 <title>localStorage: partitioned storage test</title>
      4 <meta name=help href="https://privacycg.github.io/storage-partitioning/">
      5 <script src="/resources/testharness.js"></script>
      6 <script src="/resources/testharnessreport.js"></script>
      7 <iframe id="shared-iframe" src="http://{{host}}:{{ports[http][0]}}/webstorage/resources/localstorage-about-blank-partitioned-iframe.html"></iframe>
      8 <body>
      9 <script>
     10 // Here's the set-up for this test:
     11 // Step 1. (window) set up listeners for main window.
     12 // Step 2. (window) set up load listener for same-site iframe.
     13 // Step 3. (same-site iframe) loads, send it a message to createOrGet a "userID".
     14 // Step 4. (same-site iframe) receives the message, creates the "userID".
     15 // Step 5. (window) receives "storage got set" message from same-site iframe.
     16 // Step 6. (window) opens cross-site window w/ shared (same-site to us currently) iframe.
     17 // Step 7. (cross-site iframe) loads, sends back the userID key from the iframe.
     18 // Step 8. (window) asserts that the IDs should be different, as they should have a different StorageKey.
     19 const altOrigin = "http://{{hosts[alt][]}}:{{ports[http][0]}}";
     20 
     21 async_test(t => {
     22  let crossSiteWindow;
     23  let crossSiteID;
     24  let sameSiteID;
     25  const iframe = document.getElementById("shared-iframe");
     26 
     27  iframe.addEventListener("load", t.step_func(e => {
     28    const payload = {
     29      command: "create ID",
     30      key: "userID",
     31    };
     32    iframe.contentWindow.postMessage(payload, iframe.origin);
     33  }), {once: true});
     34 
     35  window.addEventListener("message", t.step_func(e => {
     36    if (e.data.message === "ID created") {
     37      sameSiteID = e.data.userID;
     38      assert_true(typeof sameSiteID === "string");
     39 
     40      if (location.origin !== altOrigin) {
     41        crossSiteWindow = window.open(`${altOrigin}/webstorage/localstorage-basic-partitioned.sub.html`, "", "noopener=false");
     42        t.add_cleanup(() => crossSiteWindow.close());
     43      }
     44    }
     45 
     46    if (e.data.message === "cross-site window iframe loaded") {
     47      crossSiteID = e.data.userID;
     48      t.step(() => {
     49        assert_true(typeof crossSiteID === "string");
     50        assert_true(sameSiteID !== crossSiteID, "IDs pulled from two partitioned iframes are different.")
     51      });
     52 
     53      // clean up after ourselves.
     54      iframe.contentWindow.localStorage.clear();
     55      crossSiteWindow.postMessage({command: "clearStorage"}, altOrigin);
     56      t.done();
     57    };
     58  }));
     59 }, "Simple test for partitioned localStorage");
     60 </script>
     61 </body>