content/base/test/csp/test_csp_regexp_parsing.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <!DOCTYPE HTML>
     2 <html>
     3 <head>
     4   <title>Bug 916054 - URLs with path are ignored by FF's CSP parser</title>
     5   <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
     6   <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
     7   <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
     8 </head>
     9 <body>
    10   <p id="display"></p>
    11   <div id="content" style="visibility: hidden">
    12     <iframe style="width:100%;" id="testframe"></iframe>
    13   </div>
    15 <script class="testbody" type="text/javascript">
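    // The run is driven by iframe load events, so the harness has to wait until
    // SimpleTest.finish() is called explicitly (done in loadNextTest).
    SimpleTest.waitForExplicitFinish();

    // Each entry is [expected, source-expression]. loadNextTest appends the source
    // expression to "default-src 'none'; script-src " and test() compares
    // `expected` with the text found in #testdiv of the served page.
    //
    // NOTE(review): the "allowed" rows show that a source expression carrying a
    // path (or port) is still accepted and matches. Whether a non-matching path
    // is refused depends on the script URL the served page requests, which this
    // file does not show -- confirm against file_csp_regexp_parsing.html.
    var policies = [
      // bare wildcard
      ["allowed", "*"],

      // exact host, with increasingly specific paths
      ["allowed", "test1.example.com"],
      ["allowed", "test1.example.com/"],
      ["allowed", "test1.example.com/path-1"],
      ["allowed", "test1.example.com/path-1/"],
      ["allowed", "test1.example.com/path-1/path_2/"],
      ["allowed", "test1.example.com/path-1/path_2/file.js"],
      ["allowed", "test1.example.com/path-1/path_2/file_1.js"],
      ["allowed", "test1.example.com/path-1/path_2/file-2.js"],
      ["allowed", "test1.example.com/path-1/path_2/f.js"],
      ["allowed", "test1.example.com/path-1/path_2/f.oo.js"],

      // wildcard subdomain, same path variations
      ["allowed", "*.example.com"],
      ["allowed", "*.example.com/"],
      ["allowed", "*.example.com/path-1"],
      ["allowed", "*.example.com/path-1/"],
      ["allowed", "*.example.com/path-1/path_2/"],
      ["allowed", "*.example.com/path-1/path_2/file.js"],
      ["allowed", "*.example.com/path-1/path_2/file_1.js"],
      ["allowed", "*.example.com/path-1/path_2/file-2.js"],
      ["allowed", "*.example.com/path-1/path_2/f.js"],
      ["allowed", "*.example.com/path-1/path_2/f.oo.js"],

      // explicit port 80
      ["allowed", "test1.example.com:80"],
      ["allowed", "test1.example.com:80/"],
      ["allowed", "test1.example.com:80/path-1"],
      ["allowed", "test1.example.com:80/path-1/"],
      ["allowed", "test1.example.com:80/path-1/path_2"],
      ["allowed", "test1.example.com:80/path-1/path_2/"],
      ["allowed", "test1.example.com:80/path-1/path_2/file.js"],
      ["allowed", "test1.example.com:80/path-1/path_2/f.ile.js"],

      // wildcard port
      ["allowed", "test1.example.com:*"],
      ["allowed", "test1.example.com:*/"],
      ["allowed", "test1.example.com:*/path-1"],
      ["allowed", "test1.example.com:*/path-1/"],
      ["allowed", "test1.example.com:*/path-1/path_2"],
      ["allowed", "test1.example.com:*/path-1/path_2/"],
      ["allowed", "test1.example.com:*/path-1/path_2/file.js"],
      ["allowed", "test1.example.com:*/path-1/path_2/f.ile.js"],

      // The following source expressions must NOT let the script run: in each
      // one the port is followed directly by text that is not a "/"-separated
      // path. Presumably the parser has to reject these instead of guessing a
      // host/port out of them, which would widen script-src.
      ["blocked", "test1.example.com:88path-1/"],
      ["blocked", "test1.example.com:80.js"],
      ["blocked", "test1.example.com:*.js"],
      ["blocked", "test1.example.com:*."]
    ];  // terminated explicitly rather than relying on automatic semicolon insertion

    // Index of the next entry of `policies` to run.
    var counter = 0;
    // Entry currently under test; written by loadNextTest, read by test.
    var policy;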
    /**
     * Starts the next entry of `policies`, or finishes the run when every entry
     * has been used.
     *
     * The iframe is pointed at file_csp_testserver.sjs with two query
     * parameters: `file` names the page to serve and `csp` carries the policy
     * under test. `test` is registered as the load handler (it removes itself
     * again when it runs).
     */
    function loadNextTest() {
      if (counter === policies.length) {
        SimpleTest.finish();
        return;
      }

      policy = policies[counter++];

      // NOTE(review): escape() leaves "*", "/", "+", "@", "-", "_" and "."
      // unencoded. None of the current source expressions contains "&", "=",
      // "#" or "+", so the query stays well-formed; a new entry using "+" would
      // depend on how the .sjs decodes its query string, which is not visible
      // here.
      var servedFile = escape("tests/content/base/test/csp/file_csp_regexp_parsing.html");
      var cspValue = escape("default-src 'none'; script-src " + policy[1]);
      var src = "file_csp_testserver.sjs" + "?file=" + servedFile + "&csp=" + cspValue;

      var frame = document.getElementById("testframe");
      frame.addEventListener("load", test, false);
      frame.src = src;
    }
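    /**
     * Load handler for #testframe: compares the content of #testdiv in the
     * served page with the expectation of the current policy, then continues
     * with the next policy.
     *
     * Any exception raised while reading the frame is reported as a failure
     * together with the exception text, so that a missing #testdiv and a
     * refused access to the frame's document can be told apart in the log.
     */
    function test() {
      // loadNextTest has already advanced `counter` past the running entry.
      var testNumber = counter - 1;
      try {
        var testframe = document.getElementById("testframe");
        // Unregister first: loadNextTest adds the listener again for the next run.
        testframe.removeEventListener('load', test, false);
        var divcontent = testframe.contentWindow.document.getElementById('testdiv').innerHTML;
        is(divcontent, policy[0], "should be " + policy[0] + " in test " + testNumber + "!");
      }
      catch (e) {
        // Keep the cause in the message instead of dropping it.
        ok(false, "ERROR: could not access content in test " + testNumber + "! (" + e + ")");
      }
      // Continue even after a failure so that one bad entry does not stall the run.
      loadNextTest();
    }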
    // Turn on the security.csp.speccompliant pref for this test and hand
    // loadNextTest to pushPrefEnv as the callback that starts the first policy.
    SpecialPowers.pushPrefEnv({ set: [["security.csp.speccompliant", true]] }, loadNextTest);
   104 </script>
   105 </body>
   106 </html>
