third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html - Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html

Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db (Closed)

Patch Set: Skip some tests Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html

diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html

new file mode 100644

index 0000000000000000000000000000000000000000..9d08d24daba19beedaea55b320a5e7eb2f34f689

--- /dev/null

+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html

@@ -0,0 +1,49 @@

+<!DOCTYPE html>

+<html>

+<head>

+<title>Embedded Enforcement: Subsumption Algorithm - 'self' keyword.</title>

+ <script src="/resources/testharness.js"></script>

+ <script src="/resources/testharnessreport.js"></script>

+ <script src="support/testharness-helper.sub.js"></script>

+</head>

+<body>

+ <script>

+ var tests = [

+ { "name": "'self' keywords should match.",

+ "required_csp": "img-src 'self' http://b.com:*",

+ "returned_csp": "img-src 'self' http://b.com:*",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Returned CSP does not have to specify 'self'.",

+ "required_csp": "img-src 'self' http://b.com:*",

+ "returned_csp": "img-src http://b.com:*",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Returned CSP must not allow 'self' if required CSP does not.",

+ "required_csp": "img-src http://b.com:*",

+ "returned_csp": "img-src 'self' http://b.com:*",

+ "expected": IframeLoad.EXPECT_BLOCK },

+ { "name": "Returned 'self' should match to an origin's url.",

+ "required_csp": "img-src 'self' http://b.com:*",

+ "returned_csp": "img-src " + getCrossOrigin(),

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Required 'self' should match to a origin's url.",

+ "required_csp": "img-src " + getCrossOrigin() + " http://b.com:*",

+ "returned_csp": "img-src 'self'",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Required 'self' should subsume a more secure version of origin's url.",

+ "required_csp": "img-src 'self' http://b.com:*",

+ "returned_csp": "img-src " + getSecureCrossOrigin(),

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Returned 'self' should not be subsumed by a more secure version of origin's url.",

+ "required_csp": "img-src " + getSecureCrossOrigin() + " http://b.com:*",

+ "returned_csp": "img-src 'self'",

+ "expected": IframeLoad.EXPECT_BLOCK },

+ ];

+ tests.forEach(test => {

+ async_test(t => {

+ var url = generateUrlWithPolicies(Host.CROSS_ORIGIN, test.returned_csp);

+ assert_iframe_with_csp(t, url, test.required_csp, test.expected, test.name, null);

+ }, test.name);

+ });

+ </script>

+</body>

+</html>