summaryrefslogtreecommitdiffstats
path: root/dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs
diff options
context:
space:
mode:
Diffstat (limited to 'dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs')
-rw-r--r--dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs61
1 files changed, 61 insertions, 0 deletions
diff --git a/dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs b/dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs
new file mode 100644
index 0000000000..eb64c59e97
--- /dev/null
+++ b/dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs
@@ -0,0 +1,61 @@
+"use strict";
+
+const REDIRECT_URI =
+ "http://example.com/tests/dom/security/test/https-first/file_break_endless_upgrade_downgrade_loop.sjs?verify";
+const DOWNGRADE_URI =
+ "http://example.com/tests/dom/security/test/https-first/file_downgrade_with_different_path.sjs";
+const RESPONSE_ERROR = "unexpected-query";
+
+// An onload postmessage to window opener
+const RESPONSE_HTTPS_SCHEME = `
+ <html>
+ <body>
+ <script type="application/javascript">
+ window.opener.postMessage({result: 'scheme-https'}, '*');
+ </script>
+ </body>
+ </html>`;
+
+const RESPONSE_HTTP_SCHEME = `
+ <html>
+ <body>
+ <script type="application/javascript">
+ window.opener.postMessage({result: 'scheme-http'}, '*');
+ </script>
+ </body>
+ </html>`;
+
+function handleRequest(request, response) {
+ response.setHeader("Cache-Control", "no-cache", false);
+ const query = request.queryString;
+
+ if (query == "downgrade") {
+ // send same-origin downgrade from https: to http: with a different path.
+ // we don't consider it's an endless upgrade downgrade loop in this case.
+ response.setStatusLine(request.httpVersion, 302, "Found");
+ response.setHeader("Location", DOWNGRADE_URI, false);
+ return;
+ }
+
+ // handle the redirect case
+ if ((query >= 301 && query <= 303) || query == 307) {
+ // send same-origin downgrade from https: to http: again simluating
+ // and endless upgrade downgrade loop.
+ response.setStatusLine(request.httpVersion, query, "Found");
+ response.setHeader("Location", REDIRECT_URI, false);
+ return;
+ }
+
+ // Check if scheme is http:// or https://
+ if (query == "verify") {
+ let response_content =
+ request.scheme === "https" ? RESPONSE_HTTPS_SCHEME : RESPONSE_HTTP_SCHEME;
+ response.setStatusLine(request.httpVersion, 200, "OK");
+ response.write(response_content);
+ return;
+ }
+
+ // We should never get here, but just in case ...
+ response.setStatusLine(request.httpVersion, 500, "OK");
+ response.write("unexepcted query");
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-22 09:22:37 +0000