third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html - Issue 2002003002: Generate CSP violation reports for 'block-all-mixed-content'

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html

Issue 2002003002: Generate CSP violation reports for 'block-all-mixed-content' (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https-expected.txt » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html

index fea9de0014f5468c9f2b079beae2688ef0f3dde4..76f5e8c4d9e78c12eaefc078766b78125c1e16ec 100644

--- a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html

+++ b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html

@@ -1,15 +1,38 @@

<!doctype html>

-<html>

-<head>

- <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">

- <script>

- if (window.testRunner) {

- testRunner.dumpAsText();

- }

- </script>

-</head>

+<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">

+<script src="/resources/testharness.js"></script>

+<script src="/resources/testharnessreport.js"></script>

<body>

- <p>This test passes if the image below is treated as blockable content.</p>

- <img src="http://127.0.0.1:8080/security/resources/compass.jpg">

-</body>

-</html>

+<script>

+ async_test(t => {

+ var i = document.createElement('img');

+ i.onload = t.assert_unreached;

+ i.onerror = t.step_func_done(_ => {

+ assert_equals(0, i.naturalWidth);

+ assert_equals(0, i.naturalHeight);

+ });

+ i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=1";

+ }, "Mixed images are blocked in the presence of 'block-all-mixed-content'.");

+ async_test(t => {

+ var i = document.createElement('img');

+ i.onload = t.assert_unreached;

+ document.addEventListener('securitypolicyviolation', t.step_func_done(e => {

+ var expectations = {

+ 'documentURI': document.location.toString(),

+ 'referrer': document.referrer,

+ 'blockedURI': 'http://127.0.0.1:8080',

+ 'violatedDirective': 'block-all-mixed-content',

+ 'effectiveDirective': 'block-all-mixed-content',

+ 'originalPolicy': 'block-all-mixed-content',

+ 'sourceFile': '',

+ 'lineNumber': 0,

+ 'columnNumber': 0,

+ 'statusCode': 0

+ };

+ for (key in expectations)

+ assert_equals(expectations[key], e[key], key);

+ }));

+ i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=2";

+ }, "Mixed images generate CSP violation reports in the presence of 'block-all-mixed-content'.");

jww 2016/05/26 00:30:34 Would it be worth add a second test file for a rep

+</script>