Source code

Revision control

Copy as Markdown

Other Tools

// Custom *.sjs file specifically for the needs of Bug 1711453
"use strict";
// small red image
const IMG_BYTES = atob(
"iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
"P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg=="
);
const IFRAME_INC = `<iframe id="testframeinc"></iframe>`;
// Sets an image sends cookie and location after loading
const SET_COOKIE_IMG = `
<html>
<body>
<img id="cookieImage">
<script class="testbody" type="text/javascript">
var cookieImage = document.getElementById("cookieImage");
cookieImage.onload = function() {
let myLocation = window.location.href;
let myCookie = document.cookie;
window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*');
}
cookieImage.onerror = function() {
window.opener.postMessage({result: 'error'}, '*');
}
// Add the last number of the old query to the new query to set cookie properly
cookieImage.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?setSameSiteCookie"
+ window.location.href.charAt(window.location.href.length -1);
</script>
</body>
</html>
`;
// Load blank frame navigation sends cookie and location after loading
const LOAD_BLANK_FRAME_NAV = `
<html>
<body>
<iframe id="testframe"></iframe>
<script>
let testframe = document.getElementById("testframe");
testframe.onload = function() {
let myLocation = window.location.href;
let myCookie = document.cookie;
window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*');
}
testframe.onerror = function() {
window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*');
}
testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadblankframeNav";
</script>
</body>
</html>
`;
// Load frame navigation sends cookie and location after loading
const LOAD_FRAME_NAV = `
<html>
<body>
<iframe id="testframe"></iframe>
<script>
let testframe = document.getElementById("testframe");
testframe.onload = function() {
let myLocation = window.location.href;
let myCookie = document.cookie;
window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*');
}
testframe.onerror = function() {
window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*');
}
testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadsrcdocframeNav";
</script>
</body>
</html>
`;
// blank frame sends cookie and location after loading
const LOAD_BLANK_FRAME = `
<html>
<body>
<iframe id="testframe"></iframe>
<script>
let testframe = document.getElementById("testframe");
testframe.onload = function() {
let myLocation = window.location.href;
let myCookie = document.cookie;
window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*');
}
testframe.onerror = function() {
window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*');
}
testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadblankframeInc";
</script>
</body>
</html>
`;
// frame sends cookie and location after loading
const LOAD_FRAME = `
<html>
<body>
<iframe id="testframe"></iframe>
<script>
let testframe = document.getElementById("testframe");
testframe.onload = function() {
let myLocation = window.location.href;
let myCookie = document.cookie;
window.opener.postMessage({result: 'upgraded', loc: myLocation, cookie: myCookie}, '*');
}
testframe.onerror = function() {
window.opener.postMessage({result: 'error', loc: 'error', cookie: ''}, '*');
}
testframe.src = window.location.origin + "/tests/dom/security/test/https-first/file_toplevel_cookies.sjs?loadsrcdocframeInc";
</script>
</body>
</html>
`;
const RESPONSE_UNEXPECTED = `
<html>
<body>
send message, error
<script type="application/javascript">
let myLocation = document.location.href;
window.opener.postMessage({result: 'error', loc: myLocation}, '*');
</script>
</body>
</html>`;
function setCookie(name, query) {
let cookie = name + "=";
if (query.includes("0")) {
cookie += "0;Domain=.example.com;sameSite=none";
return cookie;
}
if (query.includes("1")) {
cookie += "1;Domain=.example.com;sameSite=strict";
return cookie;
}
if (query.includes("2")) {
cookie += "2;Domain=.example.com;sameSite=none;secure";
return cookie;
}
if (query.includes("3")) {
cookie += "3;Domain=.example.com;sameSite=strict;secure";
return cookie;
}
return cookie + "error";
}
function handleRequest(request, response) {
// avoid confusing cache behaviors
response.setHeader("Cache-Control", "no-cache", false);
let query = request.queryString;
if (query.includes("setImage")) {
response.write(SET_COOKIE_IMG);
return;
}
// using startsWith and discard the math random
if (query.includes("setSameSiteCookie")) {
response.setHeader("Set-Cookie", setCookie("setImage", query), true);
response.setHeader("Content-Type", "image/png");
response.write(IMG_BYTES);
return;
}
// navigation tests
if (query.includes("loadNavBlank")) {
response.setHeader("Set-Cookie", setCookie("loadNavBlank", query), true);
response.write(LOAD_BLANK_FRAME_NAV);
return;
}
if (request.queryString === "loadblankframeNav") {
let FRAME = `
<iframe src="about:blank"
// nothing happens here
</iframe>`;
response.write(FRAME);
return;
}
if (query.includes("loadNav")) {
response.setHeader("Set-Cookie", setCookie("loadNav", query), true);
response.write(LOAD_FRAME_NAV);
return;
}
if (query === "loadsrcdocframeNav") {
let FRAME = `
<iframe srcdoc="foo"
// nothing happens here
</iframe>`;
response.write(FRAME);
return;
}
// inclusion tests
if (query.includes("loadframeIncBlank")) {
response.setHeader(
"Set-Cookie",
setCookie("loadframeIncBlank", query),
true
);
response.write(LOAD_BLANK_FRAME);
return;
}
if (request.queryString === "loadblankframeInc") {
let FRAME =
` <iframe id="blankframe" src="about:blank"></iframe>
<script>
document.getElementById("blankframe").contentDocument.write("` +
IFRAME_INC +
`");
<\script>`;
response.write(FRAME);
return;
}
if (query.includes("loadframeInc")) {
response.setHeader("Set-Cookie", setCookie("loadframeInc", query), true);
response.write(LOAD_FRAME);
return;
}
if (request.queryString === "loadsrcdocframeInc") {
response.write('<iframe srcdoc="' + IFRAME_INC + '"></iframe>');
return;
}
// We should never arrive here, just in case send 'error'
response.write(RESPONSE_UNEXPECTED);
}