OLD | NEW |
---|---|
(Empty) | |
1 function assert_no_csp_event_for_url(test, url) { | |
2 document.addEventListener("securitypolicyviolation", test.step_func(e => { | |
3 if (e.blockedURI !== url) | |
4 return; | |
5 assert_unreached("SecurityPolicyViolation event fired for " + url); | |
6 })); | |
7 } | |
8 | |
9 function assert_no_event(test, obj, name) { | |
10 obj.addEventListener(name, test.unreached_func("The '" + name + "' event shoul d not have fired.")); | |
11 } | |
12 | |
13 function waitUntilCSPEventForURL(test, url) { | |
14 return new Promise((resolve, reject) => { | |
15 document.addEventListener("securitypolicyviolation", test.step_func(e => { | |
16 if (e.blockedURI == url) | |
17 resolve(e); | |
18 })); | |
19 }); | |
20 } | |
21 | |
22 function waitUntilEvent(obj, name) { | |
23 return new Promise((resolve, reject) => { | |
24 obj.addEventListener(name, resolve); | |
25 }); | |
26 } | |
27 | |
28 // Given the URL of a worker that pings its opener upon load, this | |
29 // function builds a test that asserts that the that the ping is | |
estark
2016/11/09 16:48:05
nit: extra "that the"
| |
30 // received, and that no CSP event fires. | |
31 function assert_worker_is_loaded(url, description) { | |
32 async_test(t => { | |
33 assert_no_csp_event_for_url(t, url); | |
34 var w = new Worker(url); | |
35 assert_no_event(t, w, "error"); | |
36 waitUntilEvent(w, "message") | |
37 .then(t.step_func_done(e => { | |
38 assert_equals(e.data, "ping"); | |
39 })); | |
40 }, description); | |
41 } | |
42 | |
43 function assert_shared_worker_is_loaded(url, description) { | |
44 async_test(t => { | |
45 assert_no_csp_event_for_url(t, url); | |
46 var w = new SharedWorker(url); | |
47 assert_no_event(t, w, "error"); | |
48 waitUntilEvent(w.port, "message") | |
49 .then(t.step_func_done(e => { | |
50 assert_equals(e.data, "ping"); | |
51 })); | |
52 w.port.start(); | |
53 }, description); | |
54 } | |
55 | |
56 function assert_service_worker_is_loaded(url, description) { | |
57 promise_test(t => { | |
58 assert_no_csp_event_for_url(t, url); | |
foolip
2016/11/09 16:17:52
Yep, this actually works. It looked to me like a m
| |
59 return Promise.all([ | |
60 waitUntilEvent(navigator.serviceWorker, "message") | |
61 .then(e => { | |
62 assert_equals(e.data, "ping"); | |
63 }), | |
64 navigator.serviceWorker.register(url, { scope: url }) | |
65 .then(r => { | |
66 var sw = r.active || r.installing || r.waiting; | |
67 t.add_cleanup(_ => r.unregister()); | |
68 sw.postMessage("pong?"); | |
69 }) | |
70 ]); | |
71 }, description); | |
72 } | |
73 | |
74 // Given the URL of a worker that pings its opener upon load, this | |
75 // function builds a test that asserts that the constructor throws | |
76 // a SecurityError, and that a CSP event fires. | |
77 function assert_worker_is_blocked(url, description) { | |
78 async_test(t => { | |
79 // If |url| is a blob, it will be stripped down to "blob" for reporting. | |
80 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; | |
81 waitUntilCSPEventForURL(t, reportedURL) | |
82 .then(t.step_func_done(e => { | |
83 assert_equals(e.blockedURI, reportedURL); | |
84 assert_equals(e.violatedDirective, "worker-src"); | |
85 assert_equals(e.effectiveDirective, "worker-src"); | |
86 })); | |
87 | |
88 // TODO(mkwst): We shouldn't be throwing here. We should be firing an | |
89 // `error` event on the Worker. https://crbug.com/663298 | |
90 assert_throws("SecurityError", function () { | |
91 var w = new Worker(url); | |
92 }); | |
93 }, description); | |
94 } | |
95 | |
96 function assert_shared_worker_is_blocked(url, description) { | |
97 async_test(t => { | |
98 // If |url| is a blob, it will be stripped down to "blob" for reporting. | |
99 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; | |
100 waitUntilCSPEventForURL(t, reportedURL) | |
101 .then(t.step_func_done(e => { | |
102 assert_equals(e.blockedURI, reportedURL); | |
103 assert_equals(e.violatedDirective, "worker-src"); | |
104 assert_equals(e.effectiveDirective, "worker-src"); | |
105 })); | |
106 | |
107 // TODO(mkwst): We shouldn't be throwing here. We should be firing an | |
108 // `error` event on the SharedWorker. https://crbug.com/663298 | |
109 assert_throws("SecurityError", function () { | |
110 var w = new SharedWorker(url); | |
111 }); | |
112 }, description); | |
113 } | |
114 | |
115 function assert_service_worker_is_blocked(url, description) { | |
116 promise_test(t => { | |
117 assert_no_event(t, navigator.serviceWorker, "message"); | |
118 // If |url| is a blob, it will be stripped down to "blob" for reporting. | |
119 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; | |
120 return Promise.all([ | |
121 waitUntilCSPEventForURL(t, reportedURL) | |
122 .then(t.step_func_done(e => { | |
123 assert_equals(e.blockedURI, reportedURL); | |
124 assert_equals(e.violatedDirective, "worker-src"); | |
125 assert_equals(e.effectiveDirective, "worker-src"); | |
126 })), | |
127 promise_rejects(t, "SecurityError", navigator.serviceWorker.register(url, { scope: url })) | |
128 ]); | |
129 }, description); | |
130 } | |
131 | |
OLD | NEW |