• file
• revisions
• annotate
• diff
• comparison
• raw

content/base/test/csp/test_multi_policy_injection_bypass.html@b8a032363ba2 (annotated)

content/base/test/csp/test_multi_policy_injection_bypass.html

Thu, 22 Jan 2015 13:21:57 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Thu, 22 Jan 2015 13:21:57 +0100

branch

TOR_BUG_9701

changeset 15

b8a032363ba2

permissions

-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0	1	<!DOCTYPE HTML>
michael@0	2	<html>
michael@0	3	<!--
michael@0	4	https://bugzilla.mozilla.org/show_bug.cgi?id=717511
michael@0	5	-->
michael@0	6	<head>
michael@0	7	<title>Test for Bug 717511</title>
michael@0	8	<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
michael@0	9	<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
michael@0	10	</head>
michael@0	11	<body>
michael@0	12	<p id="display"></p>
michael@0	13	<div id="content" style="display: none">
michael@0	14
michael@0	15
michael@0	16	</div>
michael@0	17
michael@0	18	<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
michael@0	19	<iframe style="width:200px;height:200px;" id='cspframe2'></iframe>
michael@0	20	<script class="testbody" type="text/javascript">
michael@0	21
michael@0	22	var path = "/tests/content/base/test/";
michael@0	23
michael@0	24	// These are test results: -1 means it hasn't run,
michael@0	25	// true/false is the pass/fail result.
michael@0	26	// This is not exhaustive, just double-checking the 'self' vs * policy conflict in the two HTTP headers.
michael@0	27	window.tests = {
michael@0	28	img_good: -1,
michael@0	29	img_bad: -1,
michael@0	30	script_good: -1,
michael@0	31	script_bad: -1,
michael@0	32	img2_good: -1,
michael@0	33	img2_bad: -1,
michael@0	34	script2_good: -1,
michael@0	35	script2_bad: -1,
michael@0	36	};
michael@0	37
michael@0	38
michael@0	39	// This is used to watch the blocked data bounce off CSP and allowed data
michael@0	40	// get sent out to the wire.
michael@0	41	function examiner() {
michael@0	42	SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
michael@0	43	SpecialPowers.addObserver(this, "http-on-modify-request", false);
michael@0	44	}
michael@0	45	examiner.prototype = {
michael@0	46	observe: function(subject, topic, data) {
michael@0	47	// subject should be an nsIHttpChannel (for http-on-modify-request)
michael@0	48	// and nsIURI for csp-on-violate-policy, and the Request should be
michael@0	49	//either allowed or blocked.
michael@0	50	if(!SpecialPowers.can_QI(subject))
michael@0	51	return;
michael@0	52
michael@0	53	var testpat = new RegExp("testid=([a-z0-9_]+)");
michael@0	54
michael@0	55	//_good things better be allowed!
michael@0	56	//_bad things better be stopped!
michael@0	57
michael@0	58	if (topic === "http-on-modify-request") {
michael@0	59	//these things were allowed by CSP
michael@0	60	var asciiSpec = SpecialPowers.getPrivilegedProps(
michael@0	61	SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"),
michael@0	62	"URI.asciiSpec");
michael@0	63	if (!testpat.test(asciiSpec)) return;
michael@0	64	var testid = testpat.exec(asciiSpec)[1];
michael@0	65	window.testResult(testid,
michael@0	66	/_good/.test(testid),
michael@0	67	asciiSpec + " allowed by csp");
michael@0	68
michael@0	69	}
michael@0	70
michael@0	71	if(topic === "csp-on-violate-policy") {
michael@0	72	//these were blocked... record that they were blocked
michael@0	73	var asciiSpec = SpecialPowers.getPrivilegedProps(
michael@0	74	SpecialPowers.do_QueryInterface(subject, "nsIURI"),
michael@0	75	"asciiSpec");
michael@0	76	if (!testpat.test(asciiSpec)) return;
michael@0	77	var testid = testpat.exec(asciiSpec)[1];
michael@0	78	window.testResult(testid,
michael@0	79	/_bad/.test(testid),
michael@0	80	asciiSpec + " blocked by \"" + data + "\"");
michael@0	81	}
michael@0	82	},
michael@0	83
michael@0	84	// must eventually call this to remove the listener,
michael@0	85	// or mochitests might get borked.
michael@0	86	remove: function() {
michael@0	87	SpecialPowers.removeObserver(this, "csp-on-violate-policy");
michael@0	88	SpecialPowers.removeObserver(this, "http-on-modify-request");
michael@0	89	}
michael@0	90	}
michael@0	91
michael@0	92	window.examiner = new examiner();
michael@0	93
michael@0	94	window.testResult = function(testname, result, msg) {
michael@0	95
michael@0	96	//test already complete.... forget it... remember the first result.
michael@0	97	if (window.tests[testname] != -1)
michael@0	98	return;
michael@0	99
michael@0	100	window.tests[testname] = result;
michael@0	101	is(result, true, testname + ' test: ' + msg);
michael@0	102
michael@0	103	// if any test is incomplete, keep waiting
michael@0	104	for (var v in window.tests)
michael@0	105	if(tests[v] == -1)
michael@0	106	return;
michael@0	107
michael@0	108	// ... otherwise, finish
michael@0	109	window.examiner.remove();
michael@0	110	SimpleTest.finish();
michael@0	111	}
michael@0	112
michael@0	113	SimpleTest.waitForExplicitFinish();
michael@0	114
michael@0	115	// save this for last so that our listeners are registered.
michael@0	116	// ... this loads the testbed of good and bad requests.
michael@0	117
michael@0	118	document.getElementById('cspframe').src = 'file_multi_policy_injection_bypass.html';
michael@0	119	document.getElementById('cspframe2').src = 'file_multi_policy_injection_bypass_2.html';
michael@0	120
michael@0	121	</script>
michael@0	122	</pre>
michael@0	123	</body>
michael@0	124	</html>