The Tor Browser / file revision

content/base/test/csp/test_CSP_evalscript.html@b8a032363ba2

content/base/test/csp/test_CSP_evalscript.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <!DOCTYPE HTML>

     2 <html>

     3 <head>

     4   <title>Test for Content Security Policy "no eval" base restriction</title>

     5   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>

     6   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />

     7 </head>

     8 <body>

     9 <p id="display"></p>

    10 <div id="content" style="display: none">

    11 </div>

    12 <iframe style="width:100%;height:300px;" id='cspframe'></iframe>

    13 <iframe style="width:100%;height:300px;" id='cspframe2'></iframe>

    14 <iframe style="width:100%;height:300px;" id='cspframe3'></iframe>

    15 <script class="testbody" type="text/javascript">

    16 

    17 var path = "/tests/content/base/test/csp/";

    18 

    19 var evalScriptsThatRan = 0;

    20 var evalScriptsBlocked = 0;

    21 var evalScriptsTotal = 24;

    22 

    23 // called by scripts that run

    24 var scriptRan = function(shouldrun, testname, data) {

    25   evalScriptsThatRan++;

    26   ok(shouldrun, 'EVAL SCRIPT RAN: ' + testname + '(' + data + ')');

    27   checkTestResults();

    28 }

    29 

    30 // called when a script is blocked

    31 var scriptBlocked = function(shouldrun, testname, data) {

    32   evalScriptsBlocked++;

    33   ok(!shouldrun, 'EVAL SCRIPT BLOCKED: ' + testname + '(' + data + ')');

    34   checkTestResults();

    35 }

    36 

    37 

    38 // Check to see if all the tests have run

    39 var checkTestResults = function() {

    40   // if any test is incomplete, keep waiting

    41   if (evalScriptsTotal - evalScriptsBlocked - evalScriptsThatRan > 0)

    42     return;

    43 

    44   // ... otherwise, finish

    45   SimpleTest.finish();

    46 }

    47 

    48 //////////////////////////////////////////////////////////////////////

    49 // set up and go

    50 SimpleTest.waitForExplicitFinish();

    51 

    52 SpecialPowers.pushPrefEnv(

    53   {'set':[["security.csp.speccompliant", true]]},

    54     function() {

    55       // save this for last so that our listeners are registered.

    56       // ... this loads the testbed of good and bad requests.

    57       document.getElementById('cspframe').src = 'file_CSP_evalscript_main.html';

    58       document.getElementById('cspframe2').src = 'file_CSP_evalscript_main_spec_compliant.html';

    59       document.getElementById('cspframe3').src = 'file_CSP_evalscript_main_spec_compliant_allowed.html';

    60       // document.getElementById('cspframe4').src = 'file_CSP_evalscript_no_CSP_at_all.html';

    61     });

    62 </script>

    63 </pre>

    64 </body>

    65 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial