The Tor Browser / file revision

content/base/test/csp/file_CSP_evalscript_main_allowed_getCRMFRequest.js@b8a032363ba2

content/base/test/csp/file_CSP_evalscript_main_allowed_getCRMFRequest.js

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 // some javascript for the CSP eval() tests

     2 // all of these evals should succeed, as the document loading this script

     3 // has script-src 'self' 'unsafe-eval'

     4 

     5 function logResult(str, passed) {

     6   var elt = document.createElement('div');

     7   var color = passed ? "#cfc;" : "#fcc";

     8   elt.setAttribute('style', 'background-color:' + color + '; width:100%; border:1px solid black; padding:3px; margin:4px;');

     9   elt.innerHTML = str;

    10   document.body.appendChild(elt);

    11 }

    12 

    13 // callback for when stuff is allowed by CSP

    14 var onevalexecuted = (function(window) {

    15     return function(shouldrun, what, data) {

    16       window.parent.scriptRan(shouldrun, what, data);

    17       logResult((shouldrun ? "PASS: " : "FAIL: ") + what + " : " + data, shouldrun);

    18     };})(window);

    19 

    20 // callback for when stuff is blocked

    21 var onevalblocked = (function(window) {

    22     return function(shouldrun, what, data) {

    23       window.parent.scriptBlocked(shouldrun, what, data);

    24       logResult((shouldrun ? "FAIL: " : "PASS: ") + what + " : " + data, !shouldrun);

    25     };})(window);

    26 

    27 

    28 // Defer until document is loaded so that we can write the pretty result boxes

    29 // out.

    30 addEventListener('load', function() {

    31   // test that allows crypto.generateCRMFRequest eval to run

    32   try {

    33       var script =

    34         'console.log("dynamic script passed to crypto.generateCRMFRequest should execute")';

    35       crypto.generateCRMFRequest('CN=0', 0, 0, null, script, 384, null, 'rsa-dual-use');

    36       onevalexecuted(true, "eval(script) inside crypto.generateCRMFRequest",

    37                      "eval executed during crypto.generateCRMFRequest");

    38   } catch (e) {

    39     onevalblocked(true, "eval(script) inside crypto.generateCRMFRequest",

    40                   "eval was blocked during crypto.generateCRMFRequest");

    41   }

    42 }, false);

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial