tgr/.gitignore

## .gitignore
.venv/
*.html
jquery.js

## generate.py
#!/usr/bin/env python

import base64
import html
import json
import simplejson
import urllib
from argparse import ArgumentParser
from string import Template


parser = ArgumentParser()
parser.add_argument("-b", "--baseurl", required=True, help="Base URL of HTML files")
args = parser.parse_args()

SANDBOX_MODES =['none', 'allow-origin', 'full']
SOURCE_MODES = ['srcdoc', 'data', 'blob', 'src']
MSG = {
	'sandbox-mode-none': 'No sandboxing',
	'sandbox-mode-allow-origin': 'Sandboxing but origin not suppressed (sandbox="allow-same-origin")',
	'sandbox-mode-full': 'Full sandboxing (sandbox="")',
	'source-mode-srcdoc': 'srcdoc attribute',
	'source-mode-data': 'data URI',
	'source-mode-blob': 'blob URI',
	'source-mode-src': 'separate webpage',
}

index_template = Template( open('index.thtml', 'r').read() )
template = Template( open('template.thtml', 'r').read() )
iframe = Template( open('iframe.thtml', 'r').read() ).substitute(baseurl=args.baseurl)

mode_list = {}
for sandbox_mode in SANDBOX_MODES:
	for source_mode in SOURCE_MODES:
		filename = sandbox_mode + '-' + source_mode + '.html'
		mode_desc = 'sandboxing: %s / source: %s' % ( sandbox_mode, source_mode)
		mode_list[filename] = mode_desc

for sandbox_mode in SANDBOX_MODES:
	sandbox_mode_arg = ''
	if sandbox_mode == 'allow-origin':
		sandbox_mode_arg = 'sandbox="allow-scripts allow-same-origin"'
	elif sandbox_mode == 'full':
		sandbox_mode_arg = 'sandbox="allow-scripts"'

	for source_mode in SOURCE_MODES:
		source_arg = blob_generator = ''
		if source_mode == 'src':
			source_arg = 'src="iframe.html"'
		elif source_mode == 'data':
			source_arg = 'src="data:text/html;charset=utf-8;base64,%s"' % base64.b64encode(iframe.encode('utf-8')).decode('utf-8')
		elif source_mode == 'blob':
			source_arg = 'src="about:blank"'
			blob_generator = """<script>
var blob = new Blob( [%s], { type: "text/html" } );
document.querySelector("iframe").src = URL.createObjectURL(blob);
</script>""" % json.dumps(iframe, cls=simplejson.JSONEncoderForHTML)
		elif source_mode == 'srcdoc':
			source_arg = 'srcdoc="%s"' % html.escape(iframe)

		mode_desc = 'sandboxing: %s / source: %s' % ( sandbox_mode, source_mode)

		template_variables = {
			'mode_desc': mode_desc,
			'mode_list': '\n'.join(['<li><a href="%s">%s</a></li>' % (k, v) for k, v in mode_list.items()]),
			'iframe_source': html.escape(iframe),
			'sandbox_mode': MSG['sandbox-mode-' + sandbox_mode],
			'source_mode': MSG['source-mode-' + source_mode],
			'iframe_args': sandbox_mode_arg + ' ' + source_arg,
			'blob_generator': blob_generator,
			'baseurl': args.baseurl,
		}

		filename = sandbox_mode + '-' + source_mode + '.html'
		with open(filename, 'w') as f:
			f.write(template.substitute(**template_variables))

with open('index.html', 'w') as f:
	f.write(index_template.substitute(**template_variables))
with open('iframe.html', 'w') as f:
	f.write(iframe)

# download https://code.jquery.com/jquery-3.7.1.js to jquery.js if the file doesn't exist yet
try:
	open('jquery.js', 'r').close()
except FileNotFoundError:
	urllib.request.urlretrieve('https://code.jquery.com/jquery-3.7.1.js', 'jquery.js')

## iframe.thtml
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Embedded iframe</title>
  <script src="${baseurl}/jquery.js"></script>
</head>
<body>
  <script>try { document.write( "Origin: " + location.origin ); } catch (e) {}</script>
</body>
</html>

## index.thtml
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Iframe caching test</title>
</head>
<body>
  Load the page several times and check if jquery.js loads from cache.
  <ul>
    ${mode_list}
  </ul>
</body>
</html>

## requirements.txt
simplejson

## template.thtml
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Iframe caching test ${mode_desc}</title>
</head>
<body>
  <ul>
    <li>Sandbox mode: ${sandbox_mode}</li>
    <li>Source: ${source_mode}</li>
    <li>"Origin: <script>document.write( location.origin );</script></li>
  </ul>
  Iframe source:
  <pre>${iframe_source}</pre>
  Iframe:
  <iframe ${iframe_args}></iframe>
  ${blob_generator}
  <ul style="list-style-type: none">${mode_list}</ul>
  <a href="index.html">Back to index</a>
</body>
</html>
	#!/usr/bin/env python

	import base64
	import html
	import json
	import simplejson
	import urllib
	from argparse import ArgumentParser
	from string import Template


	parser = ArgumentParser()
	parser.add_argument("-b", "--baseurl", required=True, help="Base URL of HTML files")
	args = parser.parse_args()

	SANDBOX_MODES =['none', 'allow-origin', 'full']
	SOURCE_MODES = ['srcdoc', 'data', 'blob', 'src']
	MSG = {
	'sandbox-mode-none': 'No sandboxing',
	'sandbox-mode-allow-origin': 'Sandboxing but origin not suppressed (sandbox="allow-same-origin")',
	'sandbox-mode-full': 'Full sandboxing (sandbox="")',
	'source-mode-srcdoc': 'srcdoc attribute',
	'source-mode-data': 'data URI',
	'source-mode-blob': 'blob URI',
	'source-mode-src': 'separate webpage',
	}

	index_template = Template( open('index.thtml', 'r').read() )
	template = Template( open('template.thtml', 'r').read() )
	iframe = Template( open('iframe.thtml', 'r').read() ).substitute(baseurl=args.baseurl)

	mode_list = {}
	for sandbox_mode in SANDBOX_MODES:
	for source_mode in SOURCE_MODES:
	filename = sandbox_mode + '-' + source_mode + '.html'
	mode_desc = 'sandboxing: %s / source: %s' % ( sandbox_mode, source_mode)
	mode_list[filename] = mode_desc

	for sandbox_mode in SANDBOX_MODES:
	sandbox_mode_arg = ''
	if sandbox_mode == 'allow-origin':
	sandbox_mode_arg = 'sandbox="allow-scripts allow-same-origin"'
	elif sandbox_mode == 'full':
	sandbox_mode_arg = 'sandbox="allow-scripts"'

	for source_mode in SOURCE_MODES:
	source_arg = blob_generator = ''
	if source_mode == 'src':
	source_arg = 'src="iframe.html"'
	elif source_mode == 'data':
	source_arg = 'src="data:text/html;charset=utf-8;base64,%s"' % base64.b64encode(iframe.encode('utf-8')).decode('utf-8')
	elif source_mode == 'blob':
	source_arg = 'src="about:blank"'
	blob_generator = """<script>
	var blob = new Blob( [%s], { type: "text/html" } );
	document.querySelector("iframe").src = URL.createObjectURL(blob);
	</script>""" % json.dumps(iframe, cls=simplejson.JSONEncoderForHTML)
	elif source_mode == 'srcdoc':
	source_arg = 'srcdoc="%s"' % html.escape(iframe)

	mode_desc = 'sandboxing: %s / source: %s' % ( sandbox_mode, source_mode)

	template_variables = {
	'mode_desc': mode_desc,
	'mode_list': '\n'.join(['<li><a href="%s">%s</a></li>' % (k, v) for k, v in mode_list.items()]),
	'iframe_source': html.escape(iframe),
	'sandbox_mode': MSG['sandbox-mode-' + sandbox_mode],
	'source_mode': MSG['source-mode-' + source_mode],
	'iframe_args': sandbox_mode_arg + ' ' + source_arg,
	'blob_generator': blob_generator,
	'baseurl': args.baseurl,
	}

	filename = sandbox_mode + '-' + source_mode + '.html'
	with open(filename, 'w') as f:
	f.write(template.substitute(**template_variables))

	with open('index.html', 'w') as f:
	f.write(index_template.substitute(**template_variables))
	with open('iframe.html', 'w') as f:
	f.write(iframe)

	# download https://code.jquery.com/jquery-3.7.1.js to jquery.js if the file doesn't exist yet
	try:
	open('jquery.js', 'r').close()
	except FileNotFoundError:
	urllib.request.urlretrieve('https://code.jquery.com/jquery-3.7.1.js', 'jquery.js')
	<!DOCTYPE html>
	<html>
	<head>
	<meta charset="utf-8">
	<title>Embedded iframe</title>
	<script src="${baseurl}/jquery.js"></script>
	</head>
	<body>
	<script>try { document.write( "Origin: " + location.origin ); } catch (e) {}</script>
	</body>
	</html>