summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py')
-rw-r--r--testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py84
1 files changed, 84 insertions, 0 deletions
diff --git a/testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py b/testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py
new file mode 100644
index 0000000000..d8e3bf0d42
--- /dev/null
+++ b/testing/web-platform/tests/html/cross-origin-opener-policy/resources/coop-coep.py
@@ -0,0 +1,84 @@
+import json
+
+def main(request, response):
+ requestData = request.GET
+ if request.method == u"POST":
+ requestData = request.POST
+
+ coop = requestData.first(b"coop")
+ coopReportOnly = requestData.first(b"coop-report-only", None)
+ coep = requestData.first(b"coep")
+ coepReportOnly = requestData.first(b"coep-report-only", None)
+ redirect = requestData.first(b"redirect", None)
+ if coop != b"":
+ response.headers.set(b"Cross-Origin-Opener-Policy", coop)
+ if coopReportOnly is not None:
+ response.headers.set(b"Cross-Origin-Opener-Policy-Report-Only", coopReportOnly)
+ if coep != b"":
+ response.headers.set(b"Cross-Origin-Embedder-Policy", coep)
+ if coepReportOnly is not None:
+ response.headers.set(b"Cross-Origin-Embedder-Policy-Report-Only", coepReportOnly)
+ if b'cache' in requestData:
+ response.headers.set(b'Cache-Control', b'max-age=3600')
+ host = request.url_parts[1]
+
+ if redirect != None:
+ response.status = 302
+ response.headers.set(b"Location", redirect)
+ return
+
+ # Collect relevant params to be visible to response JS
+ params = {}
+ for key in (b"navHistory", b"avoidBackAndForth", b"navigate", b"channel", b"responseToken", b"iframeToken"):
+ value = requestData.first(key, None)
+ params[key.decode()] = value and value.decode()
+
+ response.content = b"""
+<!doctype html>
+<meta charset=utf-8>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="/html/cross-origin-opener-policy/resources/fully-loaded.js"></script>
+<body>
+<script>
+ const params = %s;
+ const navHistory = params.navHistory;
+ const avoidBackAndForth = params.avoidBackAndForth;
+ const navigate = params.navigate;
+ if (navHistory !== null) {
+ fullyLoaded().then(() => {
+ history.go(Number(navHistory));
+ });
+ } else if (navigate !== null && (history.length === 1 || !avoidBackAndForth)) {
+ fullyLoaded().then(() => {
+ self.location = navigate;
+ });
+ } else {
+ let openerDOMAccessAllowed = false;
+ try {
+ openerDOMAccessAllowed = !!self.opener.document.URL;
+ } catch(ex) {
+ }
+ // Handle the response from the frame, closing the popup once the
+ // test completes.
+ addEventListener("message", event => {
+ if (event.data == "close") {
+ close();
+ }
+ });
+ iframe = document.createElement("iframe");
+ iframe.onload = () => {
+ const payload = { name: self.name, opener: !!self.opener, openerDOMAccess: openerDOMAccessAllowed };
+ iframe.contentWindow.postMessage(payload, "*");
+ };
+ const channelName = params.channel;
+ const responseToken = params.responseToken;
+ const iframeToken = params.iframeToken;
+ iframe.src = `${get_host_info().HTTPS_ORIGIN}/html/cross-origin-opener-policy/resources/postback.html` +
+ `?channel=${encodeURIComponent(channelName)}` +
+ `&responseToken=${responseToken}` +
+ `&iframeToken=${iframeToken}`;
+ document.body.appendChild(iframe);
+ }
+</script>
+</body>
+""" % json.dumps(params).encode("utf-8")
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-06 17:32:46 +0000