content/base/test/csp/test_csp_regexp_parsing.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 <!DOCTYPE HTML>
michael@0 2 <html>
<head>
  <title>Bug 916054 - URLs with path are ignored by FF's CSP parser</title>
  <!-- Load SimpleTest.js so that waitForExplicitFinish() is available to the test body. -->
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" href="/tests/SimpleTest/test.css">
</head>
michael@0 9 <body>
<p id="display"></p>
<!-- Hidden container; the script below points #testframe at one CSP-protected page per policy. -->
<div id="content" style="visibility: hidden">
  <iframe id="testframe" style="width:100%;"></iframe>
</div>
michael@0 14
michael@0 15 <script class="testbody" type="text/javascript">
michael@0 16
// The harness is told to wait for an explicit finish; loadNextTest() calls
// SimpleTest.finish() after the last entry of `policies` has been loaded.
michael@0 17 SimpleTest.waitForExplicitFinish();
michael@0 18
// Table of [expected result, script-src source expression] pairs.
// Each source expression is served as "default-src 'none'; script-src <source>"
// and the text found in the framed page's #testdiv is compared with the
// expected result (see loadNextTest() and test()).
var policies = (function () {
  // Well-formed host-sources (bare host, wildcard host, explicit port,
  // wildcard port, each with and without a path). Per the page title
  // (bug 916054) sources carrying a path must not be ignored by the parser,
  // so every one of these is expected to yield "allowed".
  var allowedSources = [
    "*",
    "test1.example.com",
    "test1.example.com/",
    "test1.example.com/path-1",
    "test1.example.com/path-1/",
    "test1.example.com/path-1/path_2/",
    "test1.example.com/path-1/path_2/file.js",
    "test1.example.com/path-1/path_2/file_1.js",
    "test1.example.com/path-1/path_2/file-2.js",
    "test1.example.com/path-1/path_2/f.js",
    "test1.example.com/path-1/path_2/f.oo.js",
    "*.example.com",
    "*.example.com/",
    "*.example.com/path-1",
    "*.example.com/path-1/",
    "*.example.com/path-1/path_2/",
    "*.example.com/path-1/path_2/file.js",
    "*.example.com/path-1/path_2/file_1.js",
    "*.example.com/path-1/path_2/file-2.js",
    "*.example.com/path-1/path_2/f.js",
    "*.example.com/path-1/path_2/f.oo.js",
    "test1.example.com:80",
    "test1.example.com:80/",
    "test1.example.com:80/path-1",
    "test1.example.com:80/path-1/",
    "test1.example.com:80/path-1/path_2",
    "test1.example.com:80/path-1/path_2/",
    "test1.example.com:80/path-1/path_2/file.js",
    "test1.example.com:80/path-1/path_2/f.ile.js",
    "test1.example.com:*",
    "test1.example.com:*/",
    "test1.example.com:*/path-1",
    "test1.example.com:*/path-1/",
    "test1.example.com:*/path-1/path_2",
    "test1.example.com:*/path-1/path_2/",
    "test1.example.com:*/path-1/path_2/file.js",
    "test1.example.com:*/path-1/path_2/f.ile.js"
  ];

  // Source expressions whose port is followed by something other than a
  // "/path". The expected result is "blocked": presumably the parser has to
  // discard the malformed source rather than guess at a host, which would
  // loosen script-src beyond what was written -- confirm against the parser.
  var blockedSources = [
    "test1.example.com:88path-1/",
    "test1.example.com:80.js",
    "test1.example.com:*.js",
    "test1.example.com:*."
  ];

  // Builds a mapper that pairs each source with the given expected result.
  function expecting(outcome) {
    return function (source) {
      return [outcome, source];
    };
  }

  return allowedSources.map(expecting("allowed"))
    .concat(blockedSources.map(expecting("blocked")));
})();

// Index of the next entry of `policies` to load, and the entry currently under test.
var counter = 0, policy;
michael@0 66
/**
 * Loads the next entry of `policies` into #testframe, or ends the test run
 * once every entry has been used.
 *
 * The frame URL asks file_csp_testserver.sjs to serve
 * file_csp_regexp_parsing.html with the CSP
 * "default-src 'none'; script-src <source>", where <source> is policy[1].
 * test() is registered as the frame's load handler and checks the result.
 */
function loadNextTest() {
  // Nothing left to try: tell the harness the asynchronous test is done.
  if (counter == policies.length) {
    SimpleTest.finish();
    return;
  }

  policy = policies[counter++];

  // NOTE(review): escape() is deprecated and leaves characters such as "+"
  // unencoded. encodeURIComponent() is the usual replacement, but switching
  // needs a check of how file_csp_testserver.sjs decodes its query string.
  // The file that should be served ...
  var servedFile = escape("tests/content/base/test/csp/file_csp_regexp_parsing.html");
  // ... and the CSP it should be served with.
  var cspValue = escape("default-src 'none'; script-src " + policy[1]);
  var src = "file_csp_testserver.sjs" + "?file=" + servedFile + "&csp=" + cspValue;

  var frame = document.getElementById("testframe");
  frame.addEventListener("load", test, false);
  frame.src = src;
}
michael@0 83
/**
 * Load handler for #testframe: compares the text in the framed page's
 * #testdiv with the expected result policy[0], then moves on to the next
 * policy. Any exception while reading the frame is recorded as a failure.
 */
function test() {
  try {
    var testframe = document.getElementById("testframe");
    // Detach first, because loadNextTest() registers this handler again for
    // the next policy.
    testframe.removeEventListener('load', test, false);

    // The frame is loaded from a relative URL, so this read of its document
    // is expected to be same-origin; if it throws, the catch below reports it.
    var frameDoc = testframe.contentWindow.document;
    var divcontent = frameDoc.getElementById('testdiv').innerHTML;

    // counter was already advanced by loadNextTest(), hence counter - 1.
    is(divcontent, policy[0], "should be " + policy[0] + " in test " + (counter - 1) + "!");
  }
  catch (e) {
    ok(false, "ERROR: could not access content in test " + (counter - 1) + "!");
  }

  // Continue regardless of the outcome so that one failing source does not
  // stall the remaining ones.
  loadNextTest();
}
michael@0 96
// Set security.csp.speccompliant to true and hand loadNextTest to
// pushPrefEnv as its callback, so the first policy is loaded from there.
SpecialPowers.pushPrefEnv(
  { set: [["security.csp.speccompliant", true]] },
  loadNextTest
);
michael@0 103
michael@0 104 </script>
michael@0 105 </body>
michael@0 106 </html>
