diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /dom/security/test/https-first/file_toplevel_cookies.sjs | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/test/https-first/file_toplevel_cookies.sjs')
-rw-r--r-- | dom/security/test/https-first/file_toplevel_cookies.sjs | 233 |
1 files changed, 233 insertions, 0 deletions
diff --git a/dom/security/test/https-first/file_toplevel_cookies.sjs b/dom/security/test/https-first/file_toplevel_cookies.sjs new file mode 100644 index 0000000000..dd9f7c0909 --- /dev/null +++ b/dom/security/test/https-first/file_toplevel_cookies.sjs @@ -0,0 +1,233 @@ +// Custom *.sjs file specifically for the needs of Bug 1711453 +"use strict"; + +// small red image +const IMG_BYTES = atob( + "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" + + "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==" +); + +const IFRAME_INC = `<iframe id="testframeinc"></iframe>`; + +// Sets an image sends cookie and location after loading +const SET_COOKIE_IMG = ` +<html> +<body> +<img id="cookieImage"> +<script class="testbody" type="text/javascript"> + var cookieImage = document.getElementById("cookieImage"); + cookieImage.onload = function() { + let myLocation = window.location.href; + let myCookie = document.cookie; + window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*'); + } + cookieImage.onerror = function() { + window.opener.postMessage({result: 'error'}, '*'); + } + // Add the last number of the old query to the new query to set cookie properly + cookieImage.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?setSameSiteCookie" + + window.location.href.charAt(window.location.href.length -1); +</script> +</body> +</html> +`; + +// Load blank frame navigation sends cookie and location after loading +const LOAD_BLANK_FRAME_NAV = ` +<html> +<body> +<iframe id="testframe"></iframe> +<script> + let testframe = document.getElementById("testframe"); + testframe.onload = function() { + let myLocation = window.location.href; + let myCookie = document.cookie; + window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*'); + } + testframe.onerror = function() { + window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*'); + } + testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadblankframeNav"; +</script> +</body> +</html> +`; + +// Load frame navigation sends cookie and location after loading +const LOAD_FRAME_NAV = ` +<html> +<body> +<iframe id="testframe"></iframe> +<script> + let testframe = document.getElementById("testframe"); + testframe.onload = function() { + let myLocation = window.location.href; + let myCookie = document.cookie; + window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*'); + } + testframe.onerror = function() { + window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*'); + } + testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadsrcdocframeNav"; +</script> +</body> +</html> + +`; +// blank frame sends cookie and location after loading +const LOAD_BLANK_FRAME = ` +<html> +<body> +<iframe id="testframe"></iframe> +<script> + let testframe = document.getElementById("testframe"); + testframe.onload = function() { + let myLocation = window.location.href; + let myCookie = document.cookie; + window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*'); + } + testframe.onerror = function() { + window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*'); + } + testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadblankframeInc"; +</script> +</body> +</html> +`; +// frame sends cookie and location after loading +const LOAD_FRAME = ` +<html> +<body> +<iframe id="testframe"></iframe> +<script> + let testframe = document.getElementById("testframe"); + testframe.onload = function() { + let myLocation = window.location.href; + let myCookie = document.cookie; + window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*'); + } + testframe.onerror = function() { + window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*'); + } + testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadsrcdocframeInc"; +</script> +</body> +</html> +`; + +const RESPONSE_UNEXPECTED = ` + <html> + <body> + send message, error + <script type="application/javascript"> + let myLocation = document.location.href; + window.opener.postMessage({result: 'error', loc: myLocation}, '*'); + </script> + </body> + </html>`; + +function setCookie(name, query) { + let cookie = name + "="; + if (query.includes("0")) { + cookie += "0;Domain=.example.com;sameSite=none"; + return cookie; + } + if (query.includes("1")) { + cookie += "1;Domain=.example.com;sameSite=strict"; + return cookie; + } + if (query.includes("2")) { + cookie += "2;Domain=.example.com;sameSite=none;secure"; + return cookie; + } + if (query.includes("3")) { + cookie += "3;Domain=.example.com;sameSite=strict;secure"; + return cookie; + } + return cookie + "error"; +} + +function handleRequest(request, response) { + // avoid confusing cache behaviors + response.setHeader("Cache-Control", "no-cache", false); + let query = request.queryString; + if (query.includes("setImage")) { + response.write(SET_COOKIE_IMG); + return; + } + // using startsWith and discard the math random + if (query.includes("setSameSiteCookie")) { + response.setHeader("Set-Cookie", setCookie("setImage", query), true); + response.setHeader("Content-Type", "image/png"); + response.write(IMG_BYTES); + return; + } + + // navigation tests + if (query.includes("loadNavBlank")) { + response.setHeader("Set-Cookie", setCookie("loadNavBlank", query), true); + response.write(LOAD_BLANK_FRAME_NAV); + return; + } + + if (request.queryString === "loadblankframeNav") { + let FRAME = ` + <iframe src="about:blank" + // nothing happens here + </iframe>`; + response.write(FRAME); + return; + } + + if (query.includes("loadNav")) { + response.setHeader("Set-Cookie", setCookie("loadNav", query), true); + response.write(LOAD_FRAME_NAV); + return; + } + + if (query === "loadsrcdocframeNav") { + let FRAME = ` + <iframe srcdoc="foo" + // nothing happens here + </iframe>`; + response.write(FRAME); + return; + } + + // inclusion tests + if (query.includes("loadframeIncBlank")) { + response.setHeader( + "Set-Cookie", + setCookie("loadframeIncBlank", query), + true + ); + response.write(LOAD_BLANK_FRAME); + return; + } + + if (request.queryString === "loadblankframeInc") { + let FRAME = + ` <iframe id="blankframe" src="about:blank"></iframe> + <script> + document.getElementById("blankframe").contentDocument.write("` + + IFRAME_INC + + `"); + <\script>`; + response.write(FRAME); + return; + } + + if (query.includes("loadframeInc")) { + response.setHeader("Set-Cookie", setCookie("loadframeInc", query), true); + response.write(LOAD_FRAME); + return; + } + + if (request.queryString === "loadsrcdocframeInc") { + response.write('<iframe srcdoc="' + IFRAME_INC + '"></iframe>'); + return; + } + + // We should never arrive here, just in case send 'error' + response.write(RESPONSE_UNEXPECTED); +} |