dom/tests/mochitest/whatwg/postMessage_helper.html@97036ab72558 (annotated)
dom/tests/mochitest/whatwg/postMessage_helper.html
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | <!DOCTYPE html> |
| michael@0 | 2 | <html> |
| michael@0 | 3 | <head> |
| michael@0 | 4 | <title>postMessage message receiver</title> |
| michael@0 | 5 | <script type="application/javascript" src="browserFu.js"></script> |
| michael@0 | 6 | <script type="application/javascript"> |
| michael@0 | 7 | function $(id) { return document.getElementById(id); } |
| michael@0 | 8 | |
| michael@0 | 9 | function setup() |
| michael@0 | 10 | { |
| michael@0 | 11 | var target = $("domain"); |
| michael@0 | 12 | target.textContent = location.hostname + ":" + (location.port || 80); |
| michael@0 | 13 | } |
| michael@0 | 14 | |
| michael@0 | 15 | function receiveMessage(evt) |
| michael@0 | 16 | { |
| michael@0 | 17 | var response = evt.data + "-response"; |
| michael@0 | 18 | |
| michael@0 | 19 | if (evt.lastEventId !== "") |
| michael@0 | 20 | response += " wrong-lastEventId(" + evt.lastEventId + ")"; |
| michael@0 | 21 | |
| michael@0 | 22 | if (evt.source !== window.parent) |
| michael@0 | 23 | { |
| michael@0 | 24 | response += " unexpected-source(" + evt.source + ")"; |
| michael@0 | 25 | response += " window-parent-is(" + window.parent + ")"; |
| michael@0 | 26 | response += " location(" + window.location.href + ")"; |
| michael@0 | 27 | } |
| michael@0 | 28 | |
| michael@0 | 29 | if (isMozilla) |
| michael@0 | 30 | { |
| michael@0 | 31 | if (evt.isTrusted !== false) |
| michael@0 | 32 | response += " unexpected-trusted"; |
| michael@0 | 33 | } |
| michael@0 | 34 | |
| michael@0 | 35 | if (evt.type != "message") |
| michael@0 | 36 | response += " wrong-type(" + evt.type + ")"; |
| michael@0 | 37 | |
| michael@0 | 38 | var data = evt.data; |
| michael@0 | 39 | if (data == "post-to-other-same-domain") |
| michael@0 | 40 | { |
| michael@0 | 41 | receiveSame(evt, response); |
| michael@0 | 42 | } |
| michael@0 | 43 | else if (data == "post-to-other-cross-domain") |
| michael@0 | 44 | { |
| michael@0 | 45 | receiveCross(evt, response); |
| michael@0 | 46 | } |
| michael@0 | 47 | else |
| michael@0 | 48 | { |
| michael@0 | 49 | response += " unexpected-message-to(" + window.location.href + ")"; |
| michael@0 | 50 | window.parent.postMessage(response, "http://mochi.test:8888"); |
| michael@0 | 51 | return; |
| michael@0 | 52 | } |
| michael@0 | 53 | } |
| michael@0 | 54 | |
| michael@0 | 55 | function receiveSame(evt, response) |
| michael@0 | 56 | { |
| michael@0 | 57 | var source = evt.source; |
| michael@0 | 58 | try |
| michael@0 | 59 | { |
| michael@0 | 60 | if (evt.origin != "http://mochi.test:8888") |
| michael@0 | 61 | response += " unexpected-origin(" + evt.origin + ")"; |
| michael@0 | 62 | |
| michael@0 | 63 | try |
| michael@0 | 64 | { |
| michael@0 | 65 | var threw = false; |
| michael@0 | 66 | var privateVariable = source.privateVariable; |
| michael@0 | 67 | } |
| michael@0 | 68 | catch (e) |
| michael@0 | 69 | { |
| michael@0 | 70 | threw = true; |
| michael@0 | 71 | } |
| michael@0 | 72 | if (threw || privateVariable !== window.parent.privateVariable) |
| michael@0 | 73 | response += " accessed-source!!!"; |
| michael@0 | 74 | |
| michael@0 | 75 | } |
| michael@0 | 76 | finally |
| michael@0 | 77 | { |
| michael@0 | 78 | source.postMessage(response, evt.origin); |
| michael@0 | 79 | } |
| michael@0 | 80 | } |
| michael@0 | 81 | |
| michael@0 | 82 | function receiveCross(evt, response) |
| michael@0 | 83 | { |
| michael@0 | 84 | var source = evt.source; |
| michael@0 | 85 | if (evt.origin != "http://mochi.test:8888") |
| michael@0 | 86 | response += " unexpected-origin(" + evt.origin + ")"; |
| michael@0 | 87 | |
| michael@0 | 88 | try |
| michael@0 | 89 | { |
| michael@0 | 90 | var threw = false; |
| michael@0 | 91 | var privateVariable = source.privateVariable; |
| michael@0 | 92 | } |
| michael@0 | 93 | catch (e) |
| michael@0 | 94 | { |
| michael@0 | 95 | threw = true; |
| michael@0 | 96 | } |
| michael@0 | 97 | if (!threw || privateVariable !== undefined) |
| michael@0 | 98 | response += " accessed-source!!!"; |
| michael@0 | 99 | |
| michael@0 | 100 | source.postMessage(response, evt.origin); |
| michael@0 | 101 | } |
| michael@0 | 102 | |
| michael@0 | 103 | window.addEventListener("load", setup, false); |
| michael@0 | 104 | window.addEventListener("message", receiveMessage, false); |
| michael@0 | 105 | </script> |
| michael@0 | 106 | </head> |
| michael@0 | 107 | <body> |
| michael@0 | 108 | <h1 id="domain"></h1> |
| michael@0 | 109 | </body> |
| michael@0 | 110 | </html> |
