The Tor Browser / file revision

content/html/content/test/file_iframe_sandbox_b_if2.html@ac0c01689b40

content/html/content/test/file_iframe_sandbox_b_if2.html

Thu, 15 Jan 2015 15:59:08 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 15 Jan 2015 15:59:08 +0100
branch
TOR_BUG_9701
changeset 10
ac0c01689b40
permissions
-rw-r--r--

Implement a real Private Browsing Mode condition by changing the API/ABI;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.

     1 <!DOCTYPE HTML>

     2 <html>

     3 <head>

     4   <meta charset="utf-8">

     5   <title>Test for Bug 341604</title>

     6   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>

     7 </head>

     8 <script>

     9   function ok(condition, msg) {

    10     window.parent.ok_wrapper(condition, msg);

    11   }

    12 

    13   function testXHR() {

    14     var xhr = new XMLHttpRequest();

    15 

    16     xhr.open("GET", "file_iframe_sandbox_b_if1.html");

    17 

    18     xhr.onreadystatechange = function (oEvent) {

    19       var result = false;

    20       if (xhr.readyState == 4) {

    21         if (xhr.status == 200) {

    22           result = true;

    23         }

    24         ok(result, "XHR should work normally in an iframe sandboxed with 'allow-same-origin'");

    25       }

    26     }

    27 

    28     xhr.send(null);

    29   }

    30 

    31   function doStuff() {

    32     ok(true, "documents sandboxed with 'allow-same-origin' should be able to access their parent");

    33 

    34     // should be able to access document.cookie since we have 'allow-same-origin'

    35     ok(document.cookie == "", "a document sandboxed with allow-same-origin should be able to access document.cookie");

    36 

    37     // should be able to access localStorage since we have 'allow-same-origin'

    38     ok(window.localStorage, "a document sandboxed with allow-same-origin should be able to access localStorage");

    39 

    40     // should be able to access sessionStorage since we have 'allow-same-origin'

    41     ok(window.sessionStorage, "a document sandboxed with allow-same-origin should be able to access sessionStorage");

    42 

    43     testXHR();

    44   }

    45 </script>

    46 <body onLoad="doStuff()">

    47   I am sandboxed but with "allow-same-origin" and "allow-scripts"

    48 </body>

    49 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial