summaryrefslogtreecommitdiffstats
path: root/dom/security/test/sec-fetch/test_trustworthy_loopback.html
blob: 95ecac17ed7a50ef937d3fd521ac18cb98db1760 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

<!DOCTYPE HTML>
<html>
<head>
  <title>Bug 1732069: Sec-Fetch-Site inconsistent on localhost/IPs</title>
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<script type="application/javascript">

SimpleTest.waitForExplicitFinish();

let testsSucceeded = 0;

let win;
function checkTestsDone() {
  testsSucceeded++;
  if (testsSucceeded == 3) {
    win.close();
    SimpleTest.finish();
  }
}

var script = SpecialPowers.loadChromeScript(() => {
  /* eslint-env mozilla/chrome-script */
  Services.obs.addObserver(function onExamResp(subject, topic, data) {
    let channel = subject.QueryInterface(Ci.nsIHttpChannel);
    if (!channel.URI.spec.includes("localhost") ||
        channel.URI.spec.startsWith("http://localhost:9898/tests/dom/security/test/sec-fetch/file_trustworthy_loopback.html")) {
      return;
    }

    const expectedHeaders = {
      "localhost:9898": {
        "sec-fetch-site": "same-origin",
        "sec-fetch-mode": "navigate",
        "sec-fetch-dest": "iframe",
      },
      "sub.localhost:-1": {
        "sec-fetch-site": "cross-site",
        "sec-fetch-mode": "navigate",
        "sec-fetch-dest": "iframe",
      },
      "localhost:9899": {
        "sec-fetch-site": "same-site",
        "sec-fetch-mode": "navigate",
        "sec-fetch-dest": "iframe",
      },
    };

    info(`checking headers for request to ${channel.URI.spec}`);
    const expected = expectedHeaders[channel.URI.host + ":" + channel.URI.port];
    for (let key in expected) {
      try {
        is(channel.getRequestHeader(key), expected[key], `${key} header matches`);
      } catch (e) {
        ok(false, "failed to check headers");
      }
    }
    sendAsyncMessage("test-end");
  }, "http-on-stop-request");
});

script.addMessageListener("test-end", () => {
  checkTestsDone();
});

SpecialPowers.pushPrefEnv({set: [
  ["network.proxy.allow_hijacking_localhost", true],
  ["network.proxy.testing_localhost_is_secure_when_hijacked", true],
]}).then(function() {
  win = window.open("http://localhost:9898/tests/dom/security/test/sec-fetch/file_trustworthy_loopback.html");
});

</script>
</body>
</html>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 18:56:43 +0000