third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php - Issue 2002943002: CSP violation reports should report the pre-redirect URL.

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php

Issue 2002943002: CSP violation reports should report the pre-redirect URL. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase. Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-blocked.https.html ('k') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php

diff --git a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php

index fe5c2f312469b8cef613962463fc18736a39c1dd..7b2c280a918095940662ad0ea85873d815a985f6 100644

--- a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php

+++ b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/strict-mode-image-reportonly.https.php

@@ -6,34 +6,37 @@

<body>

- async_test(t => {

- var i = document.createElement('img');

- i.onerror = t.assert_unreached;

- i.onload = t.step_func_done(_ => {

- assert_equals(128, i.naturalWidth);

- assert_equals(128, i.naturalHeight);

- });

- i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=1";

- }, "Mixed images are allowed in the presence of 'block-all-mixed-content' in report-only mode.");

+ function waitForEvent(t, el, name) {

+ return new EventWatcher(t, el, [name]).wait_for(name);

+ }

async_test(t => {

var i = document.createElement('img');

- document.addEventListener('securitypolicyviolation', t.step_func_done(e => {

- var expectations = {

- 'documentURI': document.location.toString(),

- 'referrer': document.referrer,

- 'blockedURI': 'http://127.0.0.1:8080',

- 'violatedDirective': 'block-all-mixed-content',

- 'effectiveDirective': 'block-all-mixed-content',

- 'originalPolicy': 'block-all-mixed-content',

- 'sourceFile': '',

- 'lineNumber': 0,

- 'columnNumber': 0,

- 'statusCode': 0

- };

- for (key in expectations)

- assert_equals(expectations[key], e[key], key);

- }));

- i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=2";

- }, "Mixed images generate CSP violation reports in the presence of 'block-all-mixed-content'.");

+ i.onerror = t.unreached_func();

+ Promise.all([

+ waitForEvent(t, i, 'load').then(_ => {

+ assert_equals(128, i.naturalWidth);

+ assert_equals(128, i.naturalHeight);

+ }),

+ waitForEvent(t, document, 'securitypolicyviolation').then(e => {

+ var expectations = {

+ 'documentURI': document.location.toString(),

+ 'referrer': document.referrer,

+ 'blockedURI': 'http://127.0.0.1:8080/security/resources/compass.jpg?t=1',

+ 'violatedDirective': 'block-all-mixed-content',

+ 'effectiveDirective': 'block-all-mixed-content',

+ 'originalPolicy': 'block-all-mixed-content',

+ 'sourceFile': '',

+ 'lineNumber': 0,

+ 'columnNumber': 0,

+ 'statusCode': 0

+ };

+ for (key in expectations)

+ assert_equals(expectations[key], e[key], key);

+ })

+ ]).then(t.step_func_done());

+ i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=1";

+ }, "Mixed images are allowed and generate CSP violation reports in the presence of 'block-all-mixed-content' in report-only mode.");

</script>