OLD | NEW |
(Empty) | |
| 1 function assert_no_csp_event_for_url(test, url) { |
| 2 document.addEventListener("securitypolicyviolation", test.step_func(e => { |
| 3 if (e.blockedURI !== url) |
| 4 return; |
| 5 assert_unreached("SecurityPolicyViolation event fired for " + url); |
| 6 })); |
| 7 } |
| 8 |
| 9 function assert_no_event(test, obj, name) { |
| 10 obj.addEventListener(name, test.unreached_func("The '" + name + "' event shoul
d not have fired.")); |
| 11 } |
| 12 |
| 13 function waitUntilCSPEventForURL(test, url) { |
| 14 return new Promise((resolve, reject) => { |
| 15 document.addEventListener("securitypolicyviolation", test.step_func(e => { |
| 16 if (e.blockedURI == url) |
| 17 resolve(e); |
| 18 })); |
| 19 }); |
| 20 } |
| 21 |
| 22 function waitUntilEvent(obj, name) { |
| 23 return new Promise((resolve, reject) => { |
| 24 obj.addEventListener(name, resolve); |
| 25 }); |
| 26 } |
| 27 |
| 28 // Given the URL of a worker that pings its opener upon load, this |
| 29 // function builds a test that asserts that the ping is received, |
| 30 // and that no CSP event fires. |
| 31 function assert_worker_is_loaded(url, description) { |
| 32 async_test(t => { |
| 33 assert_no_csp_event_for_url(t, url); |
| 34 var w = new Worker(url); |
| 35 assert_no_event(t, w, "error"); |
| 36 waitUntilEvent(w, "message") |
| 37 .then(t.step_func_done(e => { |
| 38 assert_equals(e.data, "ping"); |
| 39 })); |
| 40 }, description); |
| 41 } |
| 42 |
| 43 function assert_shared_worker_is_loaded(url, description) { |
| 44 async_test(t => { |
| 45 assert_no_csp_event_for_url(t, url); |
| 46 var w = new SharedWorker(url); |
| 47 assert_no_event(t, w, "error"); |
| 48 waitUntilEvent(w.port, "message") |
| 49 .then(t.step_func_done(e => { |
| 50 assert_equals(e.data, "ping"); |
| 51 })); |
| 52 w.port.start(); |
| 53 }, description); |
| 54 } |
| 55 |
| 56 function assert_service_worker_is_loaded(url, description) { |
| 57 promise_test(t => { |
| 58 assert_no_csp_event_for_url(t, url); |
| 59 return Promise.all([ |
| 60 waitUntilEvent(navigator.serviceWorker, "message") |
| 61 .then(e => { |
| 62 assert_equals(e.data, "ping"); |
| 63 }), |
| 64 navigator.serviceWorker.register(url, { scope: url }) |
| 65 .then(r => { |
| 66 var sw = r.active || r.installing || r.waiting; |
| 67 t.add_cleanup(_ => r.unregister()); |
| 68 sw.postMessage("pong?"); |
| 69 }) |
| 70 ]); |
| 71 }, description); |
| 72 } |
| 73 |
| 74 // Given the URL of a worker that pings its opener upon load, this |
| 75 // function builds a test that asserts that the constructor throws |
| 76 // a SecurityError, and that a CSP event fires. |
| 77 function assert_worker_is_blocked(url, description) { |
| 78 async_test(t => { |
| 79 // If |url| is a blob, it will be stripped down to "blob" for reporting. |
| 80 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; |
| 81 waitUntilCSPEventForURL(t, reportedURL) |
| 82 .then(t.step_func_done(e => { |
| 83 assert_equals(e.blockedURI, reportedURL); |
| 84 assert_equals(e.violatedDirective, "worker-src"); |
| 85 assert_equals(e.effectiveDirective, "worker-src"); |
| 86 })); |
| 87 |
| 88 // TODO(mkwst): We shouldn't be throwing here. We should be firing an |
| 89 // `error` event on the Worker. https://crbug.com/663298 |
| 90 assert_throws("SecurityError", function () { |
| 91 var w = new Worker(url); |
| 92 }); |
| 93 }, description); |
| 94 } |
| 95 |
| 96 function assert_shared_worker_is_blocked(url, description) { |
| 97 async_test(t => { |
| 98 // If |url| is a blob, it will be stripped down to "blob" for reporting. |
| 99 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; |
| 100 waitUntilCSPEventForURL(t, reportedURL) |
| 101 .then(t.step_func_done(e => { |
| 102 assert_equals(e.blockedURI, reportedURL); |
| 103 assert_equals(e.violatedDirective, "worker-src"); |
| 104 assert_equals(e.effectiveDirective, "worker-src"); |
| 105 })); |
| 106 |
| 107 // TODO(mkwst): We shouldn't be throwing here. We should be firing an |
| 108 // `error` event on the SharedWorker. https://crbug.com/663298 |
| 109 assert_throws("SecurityError", function () { |
| 110 var w = new SharedWorker(url); |
| 111 }); |
| 112 }, description); |
| 113 } |
| 114 |
| 115 function assert_service_worker_is_blocked(url, description) { |
| 116 promise_test(t => { |
| 117 assert_no_event(t, navigator.serviceWorker, "message"); |
| 118 // If |url| is a blob, it will be stripped down to "blob" for reporting. |
| 119 var reportedURL = new URL(url).protocol == "blob:" ? "blob" : url; |
| 120 return Promise.all([ |
| 121 waitUntilCSPEventForURL(t, reportedURL) |
| 122 .then(t.step_func_done(e => { |
| 123 assert_equals(e.blockedURI, reportedURL); |
| 124 assert_equals(e.violatedDirective, "worker-src"); |
| 125 assert_equals(e.effectiveDirective, "worker-src"); |
| 126 })), |
| 127 promise_rejects(t, "SecurityError", navigator.serviceWorker.register(url,
{ scope: url })) |
| 128 ]); |
| 129 }, description); |
| 130 } |
| 131 |
OLD | NEW |