Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(57)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-eval-blocked.html

Issue 2540983003: CSP: Dedicated workers always inherit policy. (Closed)
Patch Set: Rebase. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-connect-src-blocked-expected.txt ('k') | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-multiple-csp-headers.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharness.js"></script>
5 <script src="/resources/testharnessreport.js"></script> 5 <script src="/resources/testharnessreport.js"></script>
6 </head> 6 </head>
7 <body> 7 <body>
8 <script> 8 <script>
9 function runWorkerTest(type, policy, expectation) { 9 function runWorkerTest(type, policy, expectation) {
10 policy = encodeURIComponent(policy); 10 policy = encodeURIComponent(policy);
11 if (expectation.none) { 11 if (expectation.none) {
12 var worker = new Worker("./resources/worker-testharness.php?csp=" + poli cy + "&type=" + type + "&expectation=none"); 12 var worker = new Worker("./resources/worker-testharness.php?csp=" + poli cy + "&type=" + type + "&expectation=none");
13 async_test(function (t) { 13 async_test(function (t) {
14 worker.onmessage = t.step_func_done(function (e) { 14 worker.onmessage = t.step_func_done(function (e) {
15 assert_equals(e.data.state, expectation.none); 15 assert_equals(e.data.state, expectation.none);
16 }); 16 });
17 }, type + " " + expectation.none + " for '" + policy + "'"); 17 }, type + " " + expectation.none + " for '" + policy + "'");
18 } else { 18 } else {
19 var worker = new Worker("./resources/worker-testharness.php?csp=" + poli cy + "&type=" + type + "&expectation=" + expectation); 19 var worker = new Worker("./resources/worker-testharness.php?csp=" + poli cy + "&type=" + type + "&expectation=" + expectation);
20 fetch_tests_from_worker(worker); 20 fetch_tests_from_worker(worker);
21 } 21 }
22 } 22 }
23 runWorkerTest("eval", "script-src 'none'", { "none": "blocked" }); 23
24 runWorkerTest("eval", "default-src 'none'", { "none": "blocked" }); 24 // The policy delivered with the worker does not affect the worker context.
25 runWorkerTest("eval", "script-src 'self'", "blocked"); 25 runWorkerTest("eval", "script-src 'none'", { "none": "allowed" });
26 runWorkerTest("eval", "default-src 'self'", "blocked"); 26 runWorkerTest("eval", "default-src 'none'", { "none": "allowed" });
27 runWorkerTest("eval", "script-src 'self'", "allowed");
28 runWorkerTest("eval", "default-src 'self'", "allowed");
27 runWorkerTest("eval", "script-src 'self' 'unsafe-eval'", "allowed"); 29 runWorkerTest("eval", "script-src 'self' 'unsafe-eval'", "allowed");
28 runWorkerTest("eval", "default-src 'self' 'unsafe-eval'", "allowed"); 30 runWorkerTest("eval", "default-src 'self' 'unsafe-eval'", "allowed");
29 </script> 31 </script>
30 </body> 32 </body>
31 </html> 33 </html>
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-connect-src-blocked-expected.txt ('k') | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-multiple-csp-headers.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698