The Tor Browser: dom/tests/mochitest/whatwg/postMessage

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <!DOCTYPE html>

     2 <html>

     3 <head>

     4   <title>postMessage message receiver</title>

     5   <script type="application/javascript" src="browserFu.js"></script>

     6   <script type="application/javascript">

     7     function $(id) { return document.getElementById(id); }

     9     function setup()

    10     {

    11       var target = $("domain");

    12       target.textContent = location.hostname + ":" + (location.port || 80);

    13     }

    15     function receiveMessage(evt)

    16     {

    17       var response = evt.data + "-response";

    19       if (evt.lastEventId !== "")

    20         response += " wrong-lastEventId(" + evt.lastEventId + ")";

    22       if (evt.source !== window.parent)

    23       {

    24         response += " unexpected-source(" + evt.source + ")";

    25         response += " window-parent-is(" + window.parent + ")";

    26         response += " location(" + window.location.href + ")";

    27       }

    29       if (isMozilla)

    30       {

    31         if (evt.isTrusted !== false)

    32           response += " unexpected-trusted";

    33       }

    35       if (evt.type != "message")

    36         response += " wrong-type(" + evt.type + ")";

    38       var data = evt.data;

    39       if (data == "post-to-other-same-domain")

    40       {

    41         receiveSame(evt, response);

    42       }

    43       else if (data == "post-to-other-cross-domain")

    44       {

    45         receiveCross(evt, response);

    46       }

    47       else

    48       {

    49         response += " unexpected-message-to(" + window.location.href + ")";

    50         window.parent.postMessage(response, "http://mochi.test:8888");

    51         return;

    52       }

    53     }

    55     function receiveSame(evt, response)

    56     {

    57       var source = evt.source;

    58       try

    59       {

    60         if (evt.origin != "http://mochi.test:8888")

    61           response += " unexpected-origin(" + evt.origin + ")";

    63         try

    64         {

    65           var threw = false;

    66           var privateVariable = source.privateVariable;

    67         }

    68         catch (e)

    69         {

    70           threw = true;

    71         }

    72         if (threw || privateVariable !== window.parent.privateVariable)

    73           response += " accessed-source!!!";

    75       }

    76       finally

    77       {

    78         source.postMessage(response, evt.origin);

    79       }

    80     }

    82     function receiveCross(evt, response)

    83     {

    84       var source = evt.source;

    85       if (evt.origin != "http://mochi.test:8888")

    86         response += " unexpected-origin(" + evt.origin + ")";

    88       try

    89       {

    90         var threw = false;

    91         var privateVariable = source.privateVariable;

    92       }

    93       catch (e)

    94       {

    95         threw = true;

    96       }

    97       if (!threw || privateVariable !== undefined)

    98         response += " accessed-source!!!";

   100       source.postMessage(response, evt.origin);

   101     }

   103     window.addEventListener("load", setup, false);

   104     window.addEventListener("message", receiveMessage, false);

   105   </script>

   106 </head>

   107 <body>

   108 <h1 id="domain"></h1>

   109 </body>

   110 </html>

The Tor Browser / file revision