Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(185)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/imported/web-platform-tests/subresource-integrity/subresource-integrity.html

Issue 1372043002: update-w3c-deps import using blink 0131ca248edfe6c594fa8a6e5780f55c0f4d01eb: (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebaseline Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/imported/web-platform-tests/mediacapture-streams/stream-api/mediastream/stream-ended-expected.txt ('k') | third_party/WebKit/LayoutTests/imported/web-platform-tests/webstorage/storage_builtins.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <meta charset=utf-8> 2 <meta charset=utf-8>
3 <title>Subresource Integrity</title> 3 <title>Subresource Integrity</title>
4 <script src="../../../resources/testharness.js"></script> 4 <script src="../../../resources/testharness.js"></script>
5 <script src="../../../resources/testharnessreport.js"></script> 5 <script src="../../../resources/testharnessreport.js"></script>
6 6
7 <div id="log"></div> 7 <div id="log"></div>
8 8
9 <div id="container"></div> 9 <div id="container"></div>
10 <script> 10 <script>
(...skipping 268 matching lines...) Expand 10 before | Expand all | Expand 10 after
279 "matching-digest.js", 279 "matching-digest.js",
280 "foo666-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E=" 280 "foo666-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E="
281 ).execute(); 281 ).execute();
282 282
283 // Style tests 283 // Style tests
284 new SRIStyleTest( 284 new SRIStyleTest(
285 style_tests, 285 style_tests,
286 true, 286 true,
287 "Same-origin with correct sha256 hash", 287 "Same-origin with correct sha256 hash",
288 { 288 {
289 href: "style.css", 289 href: "style.css?1",
290 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=" 290 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4="
291 } 291 }
292 ); 292 );
293 293
294 new SRIStyleTest( 294 new SRIStyleTest(
295 style_tests, 295 style_tests,
296 true, 296 true,
297 "Same-origin with correct sha384 hash", 297 "Same-origin with correct sha384 hash",
298 { 298 {
299 href: "style.css", 299 href: "style.css?2",
300 integrity: "sha384-wDAWxH4tOWBwAwHfBn9B7XuNmFxHTMeigAMwn0iVQ0zq3FtmY MLxihcGnU64CwcX" 300 integrity: "sha384-wDAWxH4tOWBwAwHfBn9B7XuNmFxHTMeigAMwn0iVQ0zq3FtmY MLxihcGnU64CwcX"
301 } 301 }
302 ); 302 );
303 303
304 new SRIStyleTest( 304 new SRIStyleTest(
305 style_tests, 305 style_tests,
306 true, 306 true,
307 "Same-origin with correct sha512 hash", 307 "Same-origin with correct sha512 hash",
308 { 308 {
309 href: "style.css", 309 href: "style.css?3",
310 integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42l aL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w==" 310 integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42l aL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w=="
311 } 311 }
312 ); 312 );
313 313
314 new SRIStyleTest( 314 new SRIStyleTest(
315 style_tests, 315 style_tests,
316 true, 316 true,
317 "Same-origin with empty integrity", 317 "Same-origin with empty integrity",
318 { 318 {
319 href: "style.css", 319 href: "style.css?4",
320 integrity: "" 320 integrity: ""
321 } 321 }
322 ); 322 );
323 323
324 new SRIStyleTest( 324 new SRIStyleTest(
325 style_tests, 325 style_tests,
326 false, 326 false,
327 "Same-origin with incorrect hash.", 327 "Same-origin with incorrect hash.",
328 { 328 {
329 href: "style.css", 329 href: "style.css?5",
330 integrity: "sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" 330 integrity: "sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead"
331 } 331 }
332 ); 332 );
333 333
334 new SRIStyleTest( 334 new SRIStyleTest(
335 style_tests, 335 style_tests,
336 true, 336 true,
337 "Same-origin with multiple sha256 hashes, including correct.", 337 "Same-origin with multiple sha256 hashes, including correct.",
338 { 338 {
339 href: "style.css", 339 href: "style.css?6",
340 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F-SPLT7YZk7gyCWUV4= sha2 56-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" 340 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4= sha2 56-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead"
341 } 341 }
342 ); 342 );
343 343
344 new SRIStyleTest( 344 new SRIStyleTest(
345 style_tests, 345 style_tests,
346 true, 346 true,
347 "Same-origin with multiple sha256 hashes, including unknown algorithm.", 347 "Same-origin with multiple sha256 hashes, including unknown algorithm.",
348 { 348 {
349 href: "style.css", 349 href: "style.css?7",
350 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F-SPLT7YZk7gyCWUV4= foo6 66-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" 350 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4= foo6 66-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead"
351 } 351 }
352 ); 352 );
353 353
354 new SRIStyleTest( 354 new SRIStyleTest(
355 style_tests, 355 style_tests,
356 true, 356 true,
357 "Same-origin with sha256 mismatch, sha512 match", 357 "Same-origin with sha256 mismatch, sha512 match",
358 { 358 {
359 href: "style.css", 359 href: "style.css?8",
360 integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42l aL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w== sha256-deadbeefdeadbeefdeadbeefdeadbeefd eadbeefdead" 360 integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42l aL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w== sha256-deadbeefdeadbeefdeadbeefdeadbeefd eadbeefdead"
361 } 361 }
362 ); 362 );
363 363
364 new SRIStyleTest( 364 new SRIStyleTest(
365 style_tests, 365 style_tests,
366 false, 366 false,
367 "Same-origin with sha256 match, sha512 mismatch", 367 "Same-origin with sha256 match, sha512 mismatch",
368 { 368 {
369 href: "style.css", 369 href: "style.css?9",
370 integrity: "sha512-deadbeef9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTK nfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2== sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7Y Zk7gyCWUV4=" 370 integrity: "sha512-deadbeef9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTK nfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2== sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7Y Zk7gyCWUV4="
371 } 371 }
372 ); 372 );
373 373
374 new SRIStyleTest( 374 new SRIStyleTest(
375 style_tests, 375 style_tests,
376 true, 376 true,
377 "<crossorigin='anonymous'> with correct hash, ACAO: *", 377 "<crossorigin='anonymous'> with correct hash, ACAO: *",
378 { 378 {
379 href: xorigin_anon_style, 379 href: xorigin_anon_style + '?1',
380 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", 380 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
381 crossorigin: "anonymous" 381 crossorigin: "anonymous"
382 } 382 }
383 ); 383 );
384 384
385 new SRIStyleTest( 385 new SRIStyleTest(
386 style_tests, 386 style_tests,
387 false, 387 false,
388 "<crossorigin='anonymous'> with incorrect hash, ACAO: *", 388 "<crossorigin='anonymous'> with incorrect hash, ACAO: *",
389 { 389 {
390 href: xorigin_anon_style, 390 href: xorigin_anon_style + '?2',
391 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=", 391 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=",
392 crossorigin: "anonymous" 392 crossorigin: "anonymous"
393 } 393 }
394 ); 394 );
395 395
396 new SRIStyleTest( 396 new SRIStyleTest(
397 style_tests, 397 style_tests,
398 true, 398 true,
399 "<crossorigin='use-credentials'> with correct hash, CORS-eligible", 399 "<crossorigin='use-credentials'> with correct hash, CORS-eligible",
400 { 400 {
401 href: xorigin_creds_style, 401 href: xorigin_creds_style + '?1',
402 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", 402 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
403 crossorigin: "use-credentials" 403 crossorigin: "use-credentials"
404 } 404 }
405 ); 405 );
406 406
407 new SRIStyleTest( 407 new SRIStyleTest(
408 style_tests, 408 style_tests,
409 false, 409 false,
410 "<crossorigin='use-credentials'> with incorrect hash CORS-eligible", 410 "<crossorigin='use-credentials'> with incorrect hash CORS-eligible",
411 { 411 {
412 href: xorigin_creds_style, 412 href: xorigin_creds_style + '?2',
413 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=", 413 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=",
414 crossorigin: "use-credentials" 414 crossorigin: "use-credentials"
415 } 415 }
416 ); 416 );
417 417
418 new SRIStyleTest( 418 new SRIStyleTest(
419 style_tests, 419 style_tests,
420 false, 420 false,
421 "<crossorigin='anonymous'> with CORS-ineligible resource", 421 "<crossorigin='anonymous'> with CORS-ineligible resource",
422 { 422 {
423 href: xorigin_ineligible_style, 423 href: xorigin_ineligible_style + '?1',
424 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", 424 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
425 crossorigin: "anonymous" 425 crossorigin: "anonymous"
426 } 426 }
427 ); 427 );
428 428
429 new SRIStyleTest( 429 new SRIStyleTest(
430 style_tests, 430 style_tests,
431 false, 431 false,
432 "Cross-origin, not CORS request, with correct hash", 432 "Cross-origin, not CORS request, with correct hash",
433 { 433 {
434 href: xorigin_anon_style, 434 href: xorigin_anon_style + '?3',
435 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=" 435 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4="
436 } 436 }
437 ); 437 );
438 438
439 new SRIStyleTest( 439 new SRIStyleTest(
440 style_tests, 440 style_tests,
441 false, 441 false,
442 "Cross-origin, not CORS request, with hash mismatch", 442 "Cross-origin, not CORS request, with hash mismatch",
443 { 443 {
444 href: xorigin_anon_style, 444 href: xorigin_anon_style + '?4',
445 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=" 445 integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk="
446 } 446 }
447 ); 447 );
448 448
449 new SRIStyleTest( 449 new SRIStyleTest(
450 style_tests, 450 style_tests,
451 true, 451 true,
452 "Cross-origin, empty integrity", 452 "Cross-origin, empty integrity",
453 { 453 {
454 href: xorigin_anon_style, 454 href: xorigin_anon_style + '?5',
455 integrity: "" 455 integrity: ""
456 } 456 }
457 ); 457 );
458 458
459 new SRIStyleTest( 459 new SRIStyleTest(
460 style_tests, 460 style_tests,
461 true, 461 true,
462 "Same-origin with correct hash, options.", 462 "Same-origin with correct hash, options.",
463 { 463 {
464 href: "style.css", 464 href: "style.css?10",
465 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo= bar?spam=eggs" 465 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo= bar?spam=eggs"
466 } 466 }
467 ); 467 );
468 468
469 new SRIStyleTest( 469 new SRIStyleTest(
470 style_tests, 470 style_tests,
471 true, 471 true,
472 "Same-origin with unknown algorithm only.", 472 "Same-origin with unknown algorithm only.",
473 { 473 {
474 href: "style.css", 474 href: "style.css?11",
475 integrity: "foo666-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo= bar?spam=eggs" 475 integrity: "foo666-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo= bar?spam=eggs"
476 } 476 }
477 ); 477 );
478 478
479 new SRIStyleTest( 479 new SRIStyleTest(
480 style_tests, 480 style_tests,
481 true, 481 true,
482 "Same-origin with correct sha256 hash, rel='stylesheet license'", 482 "Same-origin with correct sha256 hash, rel='stylesheet license'",
483 { 483 {
484 href: "style.css", 484 href: "style.css?12",
485 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F-SPLT7YZk7gyCWUV4=", 485 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
486 rel: "stylesheet license" 486 rel: "stylesheet license"
487 } 487 }
488 ); 488 );
489 489
490 new SRIStyleTest( 490 new SRIStyleTest(
491 style_tests, 491 style_tests,
492 true, 492 true,
493 "Same-origin with correct sha256 hash, rel='license stylesheet'", 493 "Same-origin with correct sha256 hash, rel='license stylesheet'",
494 { 494 {
495 href: "style.css", 495 href: "style.css?13",
496 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F-SPLT7YZk7gyCWUV4=", 496 integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
497 rel: "license stylesheet" 497 rel: "license stylesheet"
498 } 498 }
499 ); 499 );
500 500
501 new SRIStyleTest( 501 new SRIStyleTest(
502 style_tests, 502 style_tests,
503 true, 503 true,
504 "Same-origin with correct sha256 and sha512 hash, rel='alternate stylesh eet' enabled", 504 "Same-origin with correct sha256 and sha512 hash, rel='alternate stylesh eet' enabled",
505 { 505 {
506 href: "alternate.css", 506 href: "alternate.css?1",
507 title: "alt", 507 title: "alt",
508 type: "text/css", 508 type: "text/css",
509 class: "alternate", 509 class: "alternate",
510 disabled: "disabled", 510 disabled: "disabled",
511 rel: "alternate stylesheet", 511 rel: "alternate stylesheet",
512 integrity: "sha256-phbz83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512- 8OYEB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK 2Oceig==", 512 integrity: "sha256-phbz83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512- 8OYEB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK 2Oceig==",
513 }, 513 },
514 function (link, container) { 514 function (link, container) {
515 var alternate = document.querySelector('link.alternate'); 515 var alternate = document.querySelector('link.alternate');
516 alternate.disabled = false; 516 alternate.disabled = false;
517 }, 517 },
518 "rgb(255, 0, 0)" 518 "rgb(255, 0, 0)"
519 ); 519 );
520 520
521 new SRIStyleTest( 521 new SRIStyleTest(
522 style_tests, 522 style_tests,
523 false, 523 false,
524 "Same-origin with incorrect sha256 and sha512 hash, rel='alternate style sheet' enabled", 524 "Same-origin with incorrect sha256 and sha512 hash, rel='alternate style sheet' enabled",
525 { 525 {
526 href: "alternate.css", 526 href: "alternate.css?2",
527 title: "alt", 527 title: "alt",
528 type: "text/css", 528 type: "text/css",
529 class: "alternate", 529 class: "alternate",
530 disabled: "disabled", 530 disabled: "disabled",
531 rel: "alternate stylesheet", 531 rel: "alternate stylesheet",
532 integrity: "sha256-fail83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512- failB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK 2Oceig==", 532 integrity: "sha256-fail83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512- failB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK 2Oceig==",
533 }, 533 },
534 function (link, container) { 534 function (link, container) {
535 var alternate = document.querySelector('link.alternate'); 535 var alternate = document.querySelector('link.alternate');
536 alternate.disabled = false; 536 alternate.disabled = false;
537 } 537 }
538 ); 538 );
539 539
540 style_tests.execute(); 540 style_tests.execute();
541 541
542 </script> 542 </script>
543 <!-- TODO check cache-poisoned resources, transfer-encoding, 3xx redirect 543 <!-- TODO check cache-poisoned resources, transfer-encoding, 3xx redirect
544 to resource with matching hash, and cross-origin leakage test as in sec5.3. 544 to resource with matching hash, and cross-origin leakage test as in sec5.3.
545 --> 545 -->
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/imported/web-platform-tests/mediacapture-streams/stream-api/mediastream/stream-ended-expected.txt ('k') | third_party/WebKit/LayoutTests/imported/web-platform-tests/webstorage/storage_builtins.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698