tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

credentials-tests.js (5045B)

      1 function createCookieValue(settings) {
      2  return settings.credentials + '-' + settings.origin;
      3 }
      4 
      5 function createSetCookieURL(settings) {
      6  const params = new URLSearchParams;
      7  params.append('name', 'cookieName');
      8  params.append('value', createCookieValue(settings));
      9  if (settings.origin == 'same') {
     10    return get_host_info().HTTPS_ORIGIN +
     11           '/worklets/resources/set-cookie.py?' + params;
     12  }
     13  if (settings.origin == 'remote') {
     14    return get_host_info().HTTPS_REMOTE_ORIGIN +
     15           '/worklets/resources/set-cookie.py?' + params;
     16  }
     17  assert_unreached('settings.origin has an invalid value.');
     18 }
     19 
     20 function createScriptURL(settings) {
     21  const params = new URLSearchParams;
     22  if (settings.expectCredentialsSent)
     23    params.append('value', createCookieValue(settings));
     24  if (settings.origin == 'same') {
     25    return get_host_info().HTTPS_ORIGIN +
     26           '/worklets/resources/credentials.py?' + params;
     27  }
     28  if (settings.origin == 'remote') {
     29    return get_host_info().HTTPS_REMOTE_ORIGIN +
     30           '/worklets/resources/credentials.py?' + params;
     31  }
     32  assert_unreached('settings.origin has an invalid value.');
     33 }
     34 
     35 function createWorkletOptions(settings) {
     36  if (settings.credentials == '')
     37    return {};
     38  return { credentials: settings.credentials };
     39 }
     40 
     41 // Run a credentials test with the given settings.
     42 //
     43 // Example:
     44 // settings = {
     45 //   workletType: 'paint',
     46 //   credentials: 'include',
     47 //   origin: 'same',  // 'same' or 'remote'
     48 //   expectCredentialsSent: true
     49 // };
     50 function runCredentialsTest(settings) {
     51  const worklet = get_worklet(settings.workletType);
     52  const setCookieURL = createSetCookieURL(settings);
     53  const scriptURL = createScriptURL(settings);
     54  const options = createWorkletOptions(settings);
     55 
     56  // { credentials: 'include' } is necessary for configuring document's cookies
     57  // with the Set-Cookie: header of the response.
     58  return fetch(setCookieURL, { mode: 'cors', credentials: 'include' })
     59      .then(response => worklet.addModule(scriptURL, options));
     60 }
     61 
     62 // Runs a series of tests related to credentials on a worklet.
     63 //
     64 // Usage:
     65 // runCredentialsTests("paint");
     66 function runCredentialsTests(worklet_type) {
     67  promise_test(() => {
     68    return runCredentialsTest({ workletType: worklet_type,
     69                                credentials: '',
     70                                origin: 'same',
     71                                expectCredentialsSent: true });
     72  }, 'Importing a same-origin script with the default WorkletOptions should ' +
     73     'send the credentials');
     74 
     75  promise_test(() => {
     76    return runCredentialsTest({ workletType: worklet_type,
     77                                credentials: '',
     78                                origin: 'remote',
     79                                expectCredentialsSent: false });
     80  }, 'Importing a remote-origin script with the default WorkletOptions ' +
     81     'should not send the credentials');
     82 
     83  promise_test(() => {
     84    return runCredentialsTest({ workletType: worklet_type,
     85                                credentials: 'omit',
     86                                origin: 'same',
     87                                expectCredentialsSent: false });
     88  }, 'Importing a same-origin script with credentials=omit should not send ' +
     89     'the credentials');
     90 
     91  promise_test(() => {
     92    return runCredentialsTest({ workletType: worklet_type,
     93                                credentials: 'omit',
     94                                origin: 'remote',
     95                                expectCredentialsSent: false });
     96  }, 'Importing a remote-origin script with credentials=omit should not send ' +
     97     'the credentials');
     98 
     99  promise_test(() => {
    100    return runCredentialsTest({ workletType: worklet_type,
    101                                credentials: 'same-origin',
    102                                origin: 'same',
    103                                expectCredentialsSent: true });
    104  }, 'Importing a same-origin script with credentials=same-origin should ' +
    105     'send the credentials');
    106 
    107  promise_test(() => {
    108    return runCredentialsTest({ workletType: worklet_type,
    109                                credentials: 'same-origin',
    110                                origin: 'remote',
    111                                expectCredentialsSent: false });
    112  }, 'Importing a remote-origin script with credentials=same-origin should ' +
    113     'not send the credentials');
    114 
    115  promise_test(() => {
    116    return runCredentialsTest({ workletType: worklet_type,
    117                                credentials: 'include',
    118                                origin: 'same',
    119                                expectCredentialsSent: true });
    120  }, 'Importing a same-origin script with credentials=include should send ' +
    121     'the credentials');
    122 
    123  promise_test(() => {
    124    return runCredentialsTest({ workletType: worklet_type,
    125                                credentials: 'include',
    126                                origin: 'remote',
    127                                expectCredentialsSent: true });
    128  }, 'Importing a remote-origin script with credentials=include should ' +
    129     'send the credentials');
    130 }