1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
import os, sys, json
from wptserve.utils import isomorphic_decode, isomorphic_encode
import importlib
util = importlib.import_module("common.security-features.scope.util")
def main(request, response):
policyDeliveries = json.loads(request.GET.first(b'policyDeliveries', b'[]'))
worker_type = request.GET.first(b'type', b'classic')
commonjs_url = u'%s://%s:%s/common/security-features/resources/common.sub.js' % (
request.url_parts.scheme, request.url_parts.hostname,
request.url_parts.port)
if worker_type == b'classic':
import_line = u'importScripts("%s");' % commonjs_url
else:
import_line = u'import "%s";' % commonjs_url
maybe_additional_headers = {}
error = u''
for delivery in policyDeliveries:
if delivery[u'deliveryType'] == u'meta':
error = u'<meta> cannot be used in WorkerGlobalScope'
elif delivery[u'deliveryType'] == u'http-rp':
if delivery[u'key'] == u'referrerPolicy':
maybe_additional_headers[b'Referrer-Policy'] = isomorphic_encode(delivery[u'value'])
elif delivery[u'key'] == u'mixedContent' and delivery[u'value'] == u'opt-in':
maybe_additional_headers[b'Content-Security-Policy'] = b'block-all-mixed-content'
elif delivery[u'key'] == u'upgradeInsecureRequests' and delivery[u'value'] == u'upgrade':
maybe_additional_headers[b'Content-Security-Policy'] = b'upgrade-insecure-requests'
else:
error = u'invalid delivery key for http-rp: %s' % delivery[u'key']
else:
error = u'invalid deliveryType: %s' % delivery[u'deliveryType']
handler = lambda: util.get_template(u'worker.js.template') % ({
u'import': import_line,
u'error': error
})
util.respond(
request,
response,
payload_generator=handler,
content_type=b'text/javascript',
maybe_additional_headers=maybe_additional_headers)
|
