summaryrefslogtreecommitdiffstats
path: root/dom/security/test/csp/worker.sjs
diff options
context:
space:
mode:
Diffstat (limited to 'dom/security/test/csp/worker.sjs')
-rw-r--r--dom/security/test/csp/worker.sjs114
1 files changed, 114 insertions, 0 deletions
diff --git a/dom/security/test/csp/worker.sjs b/dom/security/test/csp/worker.sjs
new file mode 100644
index 0000000000..e85df3382a
--- /dev/null
+++ b/dom/security/test/csp/worker.sjs
@@ -0,0 +1,114 @@
+Components.utils.importGlobalProperties(["URLSearchParams"]);
+
+const SJS = "http://mochi.test:8888/tests/dom/security/test/csp/worker.sjs";
+
+function createFetchWorker(url) {
+ return `fetch("${url}");`;
+}
+
+function createXHRWorker(url) {
+ return `
+ try {
+ var xhr = new XMLHttpRequest();
+ xhr.open("GET", "${url}");
+ xhr.send();
+ } catch(ex) {}
+ `;
+}
+
+function createImportScriptsWorker(url) {
+ return `
+ try {
+ importScripts("${url}");
+ } catch(ex) {}
+ `;
+}
+
+function createChildWorkerURL(params) {
+ let url = SJS + "?" + params.toString();
+ return `new Worker("${url}");`;
+}
+
+function createChildWorkerBlob(params) {
+ let url = SJS + "?" + params.toString();
+ return `
+ try {
+ var xhr = new XMLHttpRequest();
+ xhr.open("GET", "${url}");
+ xhr.responseType = "blob";
+ xhr.send();
+ xhr.onload = () => {
+ new Worker(URL.createObjectURL(xhr.response));};
+ } catch(ex) {}
+ `;
+}
+
+function handleRequest(request, response) {
+ let params = new URLSearchParams(request.queryString);
+
+ let id = params.get("id");
+ let base = unescape(params.get("base"));
+ let child = params.has("child") ? params.get("child") : "";
+
+ //avoid confusing cache behaviors
+ response.setHeader("Cache-Control", "no-cache", false);
+ response.setHeader("Content-Type", "application/javascript");
+
+ // Deliver the CSP policy encoded in the URL
+ if (params.has("csp")) {
+ response.setHeader(
+ "Content-Security-Policy",
+ unescape(params.get("csp")),
+ false
+ );
+ }
+
+ if (child) {
+ let childCsp = params.has("childCsp") ? params.get("childCsp") : "";
+ params.delete("csp");
+ params.delete("child");
+ params.delete("childCsp");
+ params.append("csp", childCsp);
+
+ switch (child) {
+ case "blob":
+ response.write(createChildWorkerBlob(params));
+ break;
+
+ case "url":
+ response.write(createChildWorkerURL(params));
+ break;
+
+ default:
+ response.setStatusLine(request.httpVersion, 400, "Bad request");
+ break;
+ }
+
+ return;
+ }
+
+ if (params.has("action")) {
+ switch (params.get("action")) {
+ case "fetch":
+ response.write(createFetchWorker(base + "?id=" + id));
+ break;
+
+ case "xhr":
+ response.write(createXHRWorker(base + "?id=" + id));
+ break;
+
+ case "importScripts":
+ response.write(createImportScriptsWorker(base + "?id=" + id));
+ break;
+
+ default:
+ response.setStatusLine(request.httpVersion, 400, "Bad request");
+ break;
+ }
+
+ return;
+ }
+
+ response.write("I don't know action ");
+ return;
+}