/
worker.py
44 lines (39 loc) · 1.69 KB
/
worker.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
import os, sys, json
sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
import util
def main(request, response):
policyDeliveries = json.loads(request.GET.first('policyDeliveries', '[]'))
worker_type = request.GET.first('type', 'classic')
commonjs_url = '%s://%s:%s/common/security-features/resources/common.sub.js' % (
request.url_parts.scheme, request.url_parts.hostname,
request.url_parts.port)
if worker_type == 'classic':
import_line = 'importScripts("%s");' % commonjs_url
else:
import_line = 'import "%s";' % commonjs_url
maybe_additional_headers = {}
error = ''
for delivery in policyDeliveries:
if delivery['deliveryType'] == 'meta':
error = '<meta> cannot be used in WorkerGlobalScope'
elif delivery['deliveryType'] == 'http-rp':
if delivery['key'] == 'referrerPolicy':
maybe_additional_headers['Referrer-Policy'] = delivery['value']
elif delivery['key'] == 'mixedContent' and delivery['value'] == 'opt-in':
maybe_additional_headers['Content-Security-Policy'] = 'block-all-mixed-content'
elif delivery['key'] == 'upgradeInsecureRequests' and delivery['value'] == 'upgrade':
maybe_additional_headers['Content-Security-Policy'] = 'upgrade-insecure-requests'
else:
error = 'invalid delivery key for http-rp: %s' % delivery['key']
else:
error = 'invalid deliveryType: %s' % delivery['deliveryType']
handler = lambda: util.get_template('worker.js.template') % ({
'import': import_line,
'error': error
})
util.respond(
request,
response,
payload_generator=handler,
content_type='text/javascript',
maybe_additional_headers=maybe_additional_headers)