content/base/test/csp/test_csp_regexp_parsing.html

changeset 0
6474c204b198
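--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/content/base/test/csp/test_csp_regexp_parsing.html	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,106 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 916054 - URLs with path are ignored by FF's CSP parser</title>
+  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+  <p id="display"></p>
+  <div id="content" style="visibility: hidden">
+    <iframe style="width:100%;" id="testframe"></iframe>
+  </div>
+
+<script class="testbody" type="text/javascript">
+
+SimpleTest.waitForExplicitFinish();
+
+var policies = [
+  ["allowed", "*"],
+  ["allowed", "test1.example.com"],
+  ["allowed", "test1.example.com/"],
+  ["allowed", "test1.example.com/path-1"],
+  ["allowed", "test1.example.com/path-1/"],
+  ["allowed", "test1.example.com/path-1/path_2/"],
+  ["allowed", "test1.example.com/path-1/path_2/file.js"],
+  ["allowed", "test1.example.com/path-1/path_2/file_1.js"],
+  ["allowed", "test1.example.com/path-1/path_2/file-2.js"],
+  ["allowed", "test1.example.com/path-1/path_2/f.js"],
+  ["allowed", "test1.example.com/path-1/path_2/f.oo.js"],
+  ["allowed", "*.example.com"],
+  ["allowed", "*.example.com/"],
+  ["allowed", "*.example.com/path-1"],
+  ["allowed", "*.example.com/path-1/"],
+  ["allowed", "*.example.com/path-1/path_2/"],
+  ["allowed", "*.example.com/path-1/path_2/file.js"],
+  ["allowed", "*.example.com/path-1/path_2/file_1.js"],
+  ["allowed", "*.example.com/path-1/path_2/file-2.js"],
+  ["allowed", "*.example.com/path-1/path_2/f.js"],
+  ["allowed", "*.example.com/path-1/path_2/f.oo.js"],
+  ["allowed", "test1.example.com:80"],
+  ["allowed", "test1.example.com:80/"],
+  ["allowed", "test1.example.com:80/path-1"],
+  ["allowed", "test1.example.com:80/path-1/"],
+  ["allowed", "test1.example.com:80/path-1/path_2"],
+  ["allowed", "test1.example.com:80/path-1/path_2/"],
+  ["allowed", "test1.example.com:80/path-1/path_2/file.js"],
+  ["allowed", "test1.example.com:80/path-1/path_2/f.ile.js"],
+  ["allowed", "test1.example.com:*"],
+  ["allowed", "test1.example.com:*/"],
+  ["allowed", "test1.example.com:*/path-1"],
+  ["allowed", "test1.example.com:*/path-1/"],
+  ["allowed", "test1.example.com:*/path-1/path_2"],
+  ["allowed", "test1.example.com:*/path-1/path_2/"],
+  ["allowed", "test1.example.com:*/path-1/path_2/file.js"],
+  ["allowed", "test1.example.com:*/path-1/path_2/f.ile.js"],
+  // the following tests should fail
+  ["blocked", "test1.example.com:88path-1/"],
+  ["blocked", "test1.example.com:80.js"],
+  ["blocked", "test1.example.com:*.js"],
+  ["blocked", "test1.example.com:*."]
+]
+
+var counter = 0;
+var policy;
+
+function loadNextTest() {
+  if (counter == policies.length) {
+    SimpleTest.finish();
+  }
+  else {
+    policy = policies[counter++];
+    var src = "file_csp_testserver.sjs";
+    // append the file that should be served
+    src += "?file=" + escape("tests/content/base/test/csp/file_csp_regexp_parsing.html");
+    // append the CSP that should be used to serve the file
+    src += "&csp=" + escape("default-src 'none'; script-src " + policy[1]);
+
+    document.getElementById("testframe").addEventListener("load", test, false);
+    document.getElementById("testframe").src = src;
+  }
+}
+
+function test() {
+  try {
+    document.getElementById("testframe").removeEventListener('load', test, false);
+    var testframe = document.getElementById("testframe");
+    var divcontent = testframe.contentWindow.document.getElementById('testdiv').innerHTML;
+    is(divcontent, policy[0], "should be " + policy[0] + " in test " + (counter - 1) + "!");
+  }
+  catch (e) {
+    ok(false, "ERROR: could not access content in test " + (counter - 1) + "!");
+  }
+  loadNextTest();
+}
+
+SpecialPowers.pushPrefEnv(
+  {'set':[["security.csp.speccompliant", true]]},
+  function () {
+    loadNextTest();
+  }
+);
+
+</script>
+</body>
+</html>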
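Review bot: The four `"blocked"` entries in `policies` are all malformed source expressions (`:88path-1/`, `:80.js`, `:*.js`, `:*.`), so nothing here checks that a well-formed source for a different host or port is still enforced; a parser that became too permissive while learning to accept paths would pass every case in the list. Consider adding at least one well-formed, non-matching entry, for example `["blocked", "test2.example.com/path-1/"]` (constructed sample; this assumes the framed file_csp_regexp_parsing.html, which is not shown on this page, loads its script from test1.example.com). The comment `// the following tests should fail` is ambiguous and would read better as `// malformed sources: the policy must not match, so the script is blocked`. In `test()`, the `is()` message should include `policy[1]`, and the `catch` message should include `e`, so a failure names the source expression and the actual exception rather than only an index.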
