Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(448)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters.html

Issue 1413193010: Add counters for various ways of loading scripts with bad mimetypes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Tests which do work Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters-expected.txt » ('j') | third_party/WebKit/Source/core/dom/ScriptLoader.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters.html b/third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters.html
new file mode 100644
index 0000000000000000000000000000000000000000..41f61d44df166d48d564fcdb24f0fdbec5a1baef
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters.html
@@ -0,0 +1,85 @@
+<body>
+<script src="../../../resources/testharness.js"></script>
+<script>
+testRunner.dumpAsText();
+function runScript(name, callback) {
+ var script = document.createElement("script");
+ script.src = name;
+ script.onload = callback;
+ document.head.appendChild(script);
+}
+var increment = 0;
+var SameOriginTextScript = 991,
+ SameOriginOtherScript = 992,
+ CrossOriginTextScript = 993,
+ CrossOriginOtherScript = 994;
+var counters = [SameOriginTextScript,
+ SameOriginOtherScript,
+ CrossOriginTextScript,
+ CrossOriginOtherScript];
+function getUseCounters() {
+ return counters.map(counter => window.internals.isUseCounted(document, counter));
+}
+function testCase(test, callback) {
+ var previousCounters = getUseCounters();
+ var previousIncrement = increment;
+ var url = (test.crossOrigin ? "http://localhost:8000" : "") +
+ "/security/resources/javascript-mimetype.php?mimetype=" + test.mimetype;
+ runScript(url, function() {
+ assert_false(test.expectFailure === true);
+ assert_equals(previousIncrement + 1, increment, "should have run the script");
+ var newCounters = getUseCounters();
+ for (var counter in counters) {
+ if (counters[counter] === test.useCounter) {
+ assert_equals(previousCounters[counter], !!test.secondTime);
+ assert_equals(newCounters[counter], true);
+ } else {
+ assert_equals(previousCounters[counter], newCounters[counter]);
+ }
+ }
+ alert("Correct");
+ callback();
+ });
+ if (test.expectFailure) callback();
+}
+function nextCase(cases, i) {
+ if (i >= cases.length)
+ return function() {};
+ else return function() {
+ testCase(cases[i], nextCase(cases, i + 1));
+ }
+}
+function runTestCases(cases) {
+ nextCase(cases, 0)();
+}
+
+var initialCounters = getUseCounters();
+for (var initialCounter of initialCounters) {
+ assert_false(initialCounter);
+}
+runTestCases([
+ // JS mimetypes don't increment any usecounters
+ { mimetype: 'text/livescript', crossOrigin: false, useCounter: -1 },
+ { mimetype: 'text/jscript', crossOrigin: true, useCounter: -1 },
+ { mimetype: 'application/ecmascript', crossOrigin: false, useCounter: -1 },
+ { mimetype: 'text/ecmascript', crossOrigin: true, useCounter: -1 },
+
+ // Counters are not incremented on invalid use of images
+ { mimetype: 'image/foo', crossOrigin: false, useCounter: -1, expectFailure: true },
+ { mimetype: 'image/bar', crossOrigin: true, useCounter: -1, expectFailure: true },
+
+ // Text mimetypes are registered separately
+ { mimetype: 'text/html', crossOrigin: false, useCounter: SameOriginTextScript },
+ { mimetype: 'text/csv', crossOrigin: false, useCounter: SameOriginTextScript, secondTime: true },
+
+ { mimetype: 'text/html', crossOrigin: true, useCounter: CrossOriginTextScript },
+ { mimetype: 'text/csv', crossOrigin: true, useCounter: CrossOriginTextScript , secondTime: true },
+
+ { mimetype: 'foo/html', crossOrigin: false, useCounter: SameOriginOtherScript },
+ { mimetype: 'foo/csv', crossOrigin: false, useCounter: SameOriginOtherScript, secondTime: true },
+
+ { mimetype: 'foo/html', crossOrigin: true, useCounter: CrossOriginOtherScript },
+ { mimetype: 'foo/csv', crossOrigin: true, useCounter: CrossOriginOtherScript, secondTime: true },
+]);
+</script>
+</body>
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/javascript-mimetype-usecounters-expected.txt » ('j') | third_party/WebKit/Source/core/dom/ScriptLoader.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698