The Tor Browser / file diff

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/content/base/test/csp/test_self_none_as_hostname_confusion.html	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,59 @@
     1.4 +<!DOCTYPE HTML>
     1.5 +<html>
     1.6 +<!--
     1.7 +https://bugzilla.mozilla.org/show_bug.cgi?id=587377
     1.8 +-->
     1.9 +<head>
    1.10 +  <meta charset="utf-8">
    1.11 +  <title>Test for Bug 587377</title>
    1.12 +  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
    1.13 +  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
    1.14 +</head>
    1.15 +<body>
    1.16 +<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=587377">Mozilla Bug 587377</a>
    1.17 +<p id="display"></p>
    1.18 +
    1.19 +<iframe id="cspframe"></iframe>
    1.20 +
    1.21 +<pre id="test">
    1.22 +
    1.23 +<script class="testbody" type="text/javascript">
    1.24 +// Load locale string during mochitest
    1.25 +var stringBundleService = SpecialPowers.Cc["@mozilla.org/intl/stringbundle;1"]
    1.26 +                          .getService(SpecialPowers.Ci.nsIStringBundleService);
    1.27 +var localizer = stringBundleService.createBundle("chrome://global/locale/security/csp.properties");
    1.28 +var confusionMsg = localizer.formatStringFromName("hostNameMightBeKeyword", ["SELF", "self"], 2);
    1.29 +
    1.30 +function cleanup() {
    1.31 +  SpecialPowers.postConsoleSentinel();
    1.32 +  SimpleTest.finish();
    1.33 +};
    1.34 +
    1.35 +// To prevent the test from asserting twice and calling SimpleTest.finish() twice,
    1.36 +// startTest will be marked false as soon as the confusionMsg is detected.
    1.37 +startTest = false;
    1.38 +SpecialPowers.registerConsoleListener(function ConsoleMsgListener(aMsg) {
    1.39 +  if (startTest) {
    1.40 +    if (aMsg.message.indexOf(confusionMsg) > -1) {
    1.41 +      startTest = false;
    1.42 +      ok(true, "CSP header with a hostname similar to keyword should be warned");
    1.43 +      SimpleTest.executeSoon(cleanup);
    1.44 +    } else {
    1.45 +      // don't see the warning yet? wait.
    1.46 +      return;
    1.47 +    }
    1.48 +  }
    1.49 +});
    1.50 +
    1.51 +// set up and start testing
    1.52 +SimpleTest.waitForExplicitFinish();
    1.53 +SpecialPowers.pushPrefEnv(
    1.54 +  {'set': [["security.csp.speccompliant", true]]},
    1.55 +  function() {
    1.56 +    document.getElementById('cspframe').src = 'file_self_none_as_hostname_confusion.html';
    1.57 +    startTest = true;
    1.58 +});
    1.59 +</script>
    1.60 +</pre>
    1.61 +</body>
    1.62 +</html>