third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html - Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html

Issue 2695813009: Import wpt@503f5b5f78ec4e87d144f78609f363f0ed0ea8db (Closed)

Patch Set: Skip some tests Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/iframe-csp-attribute.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html

diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html

new file mode 100644

index 0000000000000000000000000000000000000000..f8e6b0bd0f83f98a403676f4b2e1b04730941da2

--- /dev/null

+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html

@@ -0,0 +1,54 @@

+<!DOCTYPE html>

+<html>

+<head>

+<title>Embedded Enforcement: Subsumption Algorithm - Basic implementation.</title>

+ <script src="/resources/testharness.js"></script>

+ <script src="/resources/testharnessreport.js"></script>

+ <script src="support/testharness-helper.sub.js"></script>

+</head>

+<body>

+ <script>

+ var tests = [

+ { "name": "If there is no required csp, iframe should load.",

+ "required_csp": null,

+ "returned_csp": null,

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Iframe with empty returned CSP should be blocked.",

+ "required_csp": "style-src 'none';",

+ "returned_csp": null,

+ "expected": IframeLoad.EXPECT_BLOCK },

+ { "name": "Iframe with matching CSP should load.",

+ "required_csp": "style-src 'none'; script-src 'unsafe-inline'",

+ "returned_csp": "style-src 'none'; script-src 'unsafe-inline'",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Iframe with more restricting CSP should load.",

+ "required_csp": "script-src 'nonce-abc' 'nonce-123'",

+ "returned_csp": "script-src 'nonce-abc'",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Iframe with less restricting CSP should be blocked.",

+ "required_csp": "style-src 'none'; script-src 'none'",

+ "returned_csp": "style-src 'none'; script-src 'self'",

+ "expected": IframeLoad.EXPECT_BLOCK },

+ { "name": "Iframe with a different CSP should be blocked.",

+ "required_csp": "script-src 'nonce-abc' 'nonce-123'",

+ "returned_csp": "style-src 'none'",

+ "expected": IframeLoad.EXPECT_BLOCK },

+ { "name": "Iframe with a matching and more restrictive ports should load.",

+ "required_csp": "frame-src http://c.com:443 http://b.com",

+ "returned_csp": "frame-src http://b.com:80 http://c.com:443",

+ "expected": IframeLoad.EXPECT_LOAD },

+ { "name": "Iframe should load even if the ports are different but are default for the protocols.",

+ "required_csp": "frame-src http://b.com:80",

+ "returned_csp": "child-src https://b.com:443",

+ "expected": IframeLoad.EXPECT_LOAD },

+ ];

+ tests.forEach(test => {

+ async_test(t => {

+ var url = generateUrlWithPolicies(Host.CROSS_ORIGIN, test.returned_csp);

+ assert_iframe_with_csp(t, url, test.required_csp, test.expected, test.name, null);

+ }, test.name);

+ });

+ </script>

+</body>

+</html>