third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/testharness-helper.sub.js - Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(4)

My Issues | Starred Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/testharness-helper.sub.js

Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db (Closed)

Patch Set: Skip some tests Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-policy-multiple.py ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/font-src/font-blacklisted.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 const Host = {

	2 SAME_ORIGIN: "same-origin",

	3 CROSS_ORIGIN: "cross-origin",

	4 };

	5

	6 const PolicyHeader = {

	7 CSP: "echo-policy.py?policy=",

	8 CSP_MULTIPLE: "echo-policy-multiple.py",

	9 EMBEDDING_CSP: "echo-embedding-csp.py",

	10 ALLOW_CSP_FROM: "echo-allow-csp-from.py",

	11 };

	12

	13 const IframeLoad = {

	14 EXPECT_BLOCK: true,

	15 EXPECT_LOAD: false,

	16 };

	17

	18 function getOrigin() {

	19 var url = new URL("http://{{host}}:{{ports[http][0]}}/");

	20 return url.toString();

	21 }

	22

	23 function getCrossOrigin() {

	24 var url = new URL("http://{{domains[天気の良い日]}}:{{ports[http][0]}}/");

	25 return url.toString();

	26 }

	27

	28 function getSecureCrossOrigin() {

	29 // Since wptserve spins up servers on non-default port, 'self' matches

	30 // http://[host]:[specified-port] and https://[host]:[specified-port], but not

	31 // https://[host]:[https-port]. So, we use the http port for this https origin

	32 // in order to verify that a secure variant of a non-secure URL matches 'self' .

	33 var url = new URL("https://{{domains[天気の良い日]}}:{{ports[http][0]}}");

	34 return url.toString();

	35 }

	36

	37 function generateURL(host, path) {

	38 var url = new URL("http://{{host}}:{{ports[http][0]}}/content-security-policy/ embedded-enforcement/support/");

	39 url.hostname = host == Host.SAME_ORIGIN ? "{{host}}" : "{{domains[天気の良い日]}}";

	40 url.pathname += path;

	41

	42 return url;

	43 }

	44

	45 function generateURLString(host, path) {

	46 return generateURL(host, path).toString();

	47 }

	48

	49 function generateRedirect(host, target) {

	50 var url = new URL("http://{{host}}:{{ports[http][0]}}/common/redirect.py?locat ion=" +

	51 encodeURIComponent(target));

	52 url.hostname = host == Host.SAME_ORIGIN ? "{{host}}" : "{{domains[天気の良い日]}}";

	53

	54 return url.toString();

	55 }

	56

	57 function generateUrlWithPolicies(host, policy) {

	58 var url = generateURL(host, PolicyHeader.CSP_MULTIPLE);

	59 if (policy != null)

	60 url.searchParams.append("policy", policy);

	61 return url;

	62 }

	63

	64 function generateUrlWithAllowCSPFrom(host, allowCspFrom) {

	65 var url = generateURL(host, PolicyHeader.ALLOW_CSP_FROM);

	66 if (allowCspFrom != null)

	67 url.searchParams.append("allow_csp_from", allowCspFrom);

	68 return url;

	69 }

	70

	71 function assert_embedding_csp(t, url, csp, expected) {

	72 var i = document.createElement('iframe');

	73 if(csp)

	74 i.csp = csp;

	75 i.src = url;

	76

	77 window.addEventListener('message', t.step_func(e => {

	78 if (e.source != i.contentWindow \|\| !('embedding_csp' in e.data))

	79 return;

	80 assert_equals(expected, e.data['embedding_csp']);

	81 t.done();

	82 }));

	83

	84 document.body.appendChild(i);

	85 }

	86

	87 function assert_iframe_with_csp(t, url, csp, shouldBlock, urlId, blockedURI) {

	88 var i = document.createElement('iframe');

	89 url.searchParams.append("id", urlId);

	90 i.src = url.toString();

	91 if (csp != null)

	92 i.csp = csp;

	93

	94 var loaded = {};

	95 window.addEventListener("message", function (e) {

	96 if (e.source != i.contentWindow)

	97 return;

	98 if (e.data["loaded"])

	99 loaded[e.data["id"]] = true;

	100 });

	101

	102 if (shouldBlock) {

	103 // Assert iframe does not load and is inaccessible.

	104 window.onmessage = function (e) {

	105 if (e.source != i.contentWindow)

	106 return;

	107 t.unreached_func('No message should be sent from the frame.');

	108 }

	109 i.onload = t.step_func(function () {

	110 // Delay the check until after the postMessage has a chance to execute.

	111 setTimeout(t.step_func_done(function () {

	112 assert_equals(loaded[urlId], undefined);

	113 }), 1);

	114 assert_throws("SecurityError", () => {

	115 var x = i.contentWindow.location.href;

	116 });

	117 });

	118 } else if (blockedURI) {

	119 // Assert iframe loads with an expected violation.

	120 window.addEventListener('message', t.step_func(e => {

	121 if (e.source != i.contentWindow)

	122 return;

	123 assert_equals(e.data["blockedURI"], blockedURI);

	124 t.done();

	125 }));

	126 } else {

	127 // Assert iframe loads.

	128 i.onload = t.step_func(function () {

	129 // Delay the check until after the postMessage has a chance to execute.

	130 setTimeout(t.step_func_done(function () {

	131 assert_true(loaded[urlId]);

	132 }), 1);

	133 });

	134 }

	135 document.body.appendChild(i);

	136 }

OLD	NEW

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-policy-multiple.py ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/font-src/font-blacklisted.html » ('j') | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698