From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- .../general/file_same_site_cookies_from_script.sjs | 48 ++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 dom/security/test/general/file_same_site_cookies_from_script.sjs (limited to 'dom/security/test/general/file_same_site_cookies_from_script.sjs') diff --git a/dom/security/test/general/file_same_site_cookies_from_script.sjs b/dom/security/test/general/file_same_site_cookies_from_script.sjs new file mode 100644 index 0000000000..0df217cf45 --- /dev/null +++ b/dom/security/test/general/file_same_site_cookies_from_script.sjs @@ -0,0 +1,48 @@ +// Custom *.sjs file specifically for the needs of Bug 1452496 + +const SET_COOKIE_FRAME = ` + + + + Bug 1452496 - Do not allow same-site cookies in cross site context + + + + + `; + +const GET_COOKIE_FRAME = ` + + + + Bug 1452496 - Do not allow same-site cookies in cross site context + + + + + `; + +function handleRequest(request, response) { + // avoid confusing cache behaviors + response.setHeader("Cache-Control", "no-cache", false); + + if (request.queryString.includes("setSameSiteCookieUsingInlineScript")) { + response.write(SET_COOKIE_FRAME); + return; + } + + if (request.queryString.includes("getCookieFrame")) { + response.write(GET_COOKIE_FRAME); + return; + } + + // we should never get here, but just in case return something unexpected + response.write("D'oh"); +} -- cgit v1.2.3