content/base/test/csp/test_multi_policy_injection_bypass.html

changeset 0
6474c204b198
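--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/content/base/test/csp/test_multi_policy_injection_bypass.html	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,124 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=717511
+-->
+<head>
+  <title>Test for Bug 717511</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+
+</div>
+
+<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
+<iframe style="width:200px;height:200px;" id='cspframe2'></iframe>
+<script class="testbody" type="text/javascript">
+
+var path = "/tests/content/base/test/";
+
+// These are test results: -1 means it hasn't run,
+// true/false is the pass/fail result.
+// This is not exhaustive, just double-checking the 'self' vs * policy conflict in the two HTTP headers.
+window.tests = {
+  img_good: -1,
+  img_bad: -1,
+  script_good: -1,
+  script_bad: -1,
+  img2_good: -1,
+  img2_bad: -1,
+  script2_good: -1,
+  script2_bad: -1,
+};
+
+
+// This is used to watch the blocked data bounce off CSP and allowed data
+// get sent out to the wire.
+function examiner() {
+  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
+  SpecialPowers.addObserver(this, "http-on-modify-request", false);
+}
+examiner.prototype  = {
+  observe: function(subject, topic, data) {
+    // subject should be an nsIHttpChannel (for http-on-modify-request)
+    // and nsIURI for csp-on-violate-policy, and the Request should be
+    //either allowed or blocked.
+    if(!SpecialPowers.can_QI(subject))
+      return;
+
+    var testpat = new RegExp("testid=([a-z0-9_]+)");
+
+    //_good things better be allowed!
+    //_bad things better be stopped!
+
+    if (topic === "http-on-modify-request") {
+      //these things were allowed by CSP
+      var asciiSpec = SpecialPowers.getPrivilegedProps(
+                        SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"),
+                        "URI.asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      var testid = testpat.exec(asciiSpec)[1];
+      window.testResult(testid,
+                        /_good/.test(testid),
+                        asciiSpec + " allowed by csp");
+
+    }
+
+    if(topic === "csp-on-violate-policy") {
+      //these were blocked... record that they were blocked
+      var asciiSpec = SpecialPowers.getPrivilegedProps(
+                        SpecialPowers.do_QueryInterface(subject, "nsIURI"),
+                        "asciiSpec");
+      if (!testpat.test(asciiSpec)) return;
+      var testid = testpat.exec(asciiSpec)[1];
+      window.testResult(testid,
+                        /_bad/.test(testid),
+                        asciiSpec + " blocked by \"" + data + "\"");
+    }
+  },
+
+  // must eventually call this to remove the listener,
+  // or mochitests might get borked.
+  remove: function() {
+    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
+    SpecialPowers.removeObserver(this, "http-on-modify-request");
+  }
+}
+
+window.examiner = new examiner();
+
+window.testResult = function(testname, result, msg) {
+
+  //test already complete.... forget it... remember the first result.
+  if (window.tests[testname] != -1)
+    return;
+
+  window.tests[testname] = result;
+  is(result, true, testname + ' test: ' + msg);
+
+  // if any test is incomplete, keep waiting
+  for (var v in window.tests)
+    if(tests[v] == -1)
+      return;
+
+  // ... otherwise, finish
+  window.examiner.remove();
+  SimpleTest.finish();
+}
+
+SimpleTest.waitForExplicitFinish();
+
+// save this for last so that our listeners are registered.
+// ... this loads the testbed of good and bad requests.
+
+document.getElementById('cspframe').src = 'file_multi_policy_injection_bypass.html';
+document.getElementById('cspframe2').src = 'file_multi_policy_injection_bypass_2.html';
+
+</script>
+</pre>
+</body>
+</html>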
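Review bot: `window.testResult` keeps only the first observation per test id (`if (window.tests[testname] != -1) return;`), so a `_bad` load that raises `csp-on-violate-policy` and is still seen afterwards by `http-on-modify-request` is recorded as a pass. For a test about one policy overriding another, a later allowed-request observation should be able to fail the entry, e.g. by changing the guard to `if (window.tests[testname] != -1 && result !== false) return;` and finishing from the iframes' load events rather than from the first complete set of results. Whether both notifications can fire for one request depends on CSP code outside this file, so this is hardening rather than a known failure. The same guard also silently drops any `testid` that is not a key of `window.tests`, and the observers are removed only when all eight results arrive; `SimpleTest.registerCleanupFunction(function() { window.examiner.remove(); })` would cover the timeout path.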
