Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/targeting.html

Issue 2704543002: Import wpt@3bd204d7e86fd81e98e63f4ce59b95d98bad1c54 (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/idl.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/style-src/3_3.css » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 <!doctype html>
2 <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc'; styl e-src 'self'">
3 <script nonce="abc" src="/resources/testharness.js"></script>
4 <script nonce="abc" src="/resources/testharnessreport.js"></script>
5 <script nonce="abc">
6 var unexecuted_test = async_test("These tests should not fail.");
7
8 async_test(t => {
9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation'])
10 watcher.wait_for('securitypolicyviolation')
11 .then(t.step_func(e => {
12 assert_equals(e.blockedURI, "inline");
13 assert_equals(e.target, document.querySelector('#block1'));
14 return watcher.wait_for('securitypolicyviolation');
15 }))
16 .then(t.step_func(e => {
17 assert_equals(e.blockedURI, "inline");
18 assert_equals(e.target, document.querySelector('#block2'));
19 return watcher.wait_for('securitypolicyviolation');
20 }))
21 .then(t.step_func(e => {
22 assert_equals(e.blockedURI, "inline");
23 assert_equals(e.target, document.querySelector('#block3'));
24 return watcher.wait_for('securitypolicyviolation');
25 }))
26 .then(t.step_func(e => {
27 assert_equals(e.blockedURI, "inline");
28 assert_equals(e.target, document.querySelector('#block4'));
29 return watcher.wait_for('securitypolicyviolation');
30 }))
31 .then(t.step_func(e => {
32 assert_equals(e.blockedURI, "inline");
33 assert_equals(e.target, document.querySelector('#block5'));
34 return watcher.wait_for('securitypolicyviolation');
35 }))
36 .then(t.step_func(e => {
37 assert_equals(e.blockedURI, "inline");
38 assert_equals(e.lineNumber, 132);
39 assert_equals(e.target, document, "Disconnected elements target the document");
40 return watcher.wait_for('securitypolicyviolation');
41 }))
42 .then(t.step_func(e => {
43 assert_equals(e.blockedURI, "inline");
44 assert_equals(e.lineNumber, 143);
45 assert_equals(e.target, document, "Elements disconnected after t riggering target the document.");
46 return watcher.wait_for('securitypolicyviolation');
47 }))
48 .then(t.step_func(e => {
49 assert_equals(e.blockedURI, "inline");
50 assert_equals(e.lineNumber, 157);
51 assert_equals(e.target, document, "Elements in DocumentFragments target the document");
52 }))
53 .then(t.step_func_done(_ => {
54 unexecuted_test.done();
55 }));
56 }, "Inline violations target the right element.");
57 </script>
58 <!-- Inline block with no nonce. -->
59 <script id="block1">
60 unexecuted_test.assert_unreached("This code block should not execute.");
61 </script>
62
63 <!-- Inline event handler. -->
64 <a id="block2" onclick="void(0)">Click me!</a>
65 <script nonce='abc'>document.querySelector('#block2').click();</script>
66
67 <!-- Style block. -->
68 <style id="block3">
69 p { color: red !important; }
70 </style>
71
72 <!-- Inline event handler inside Shadow DOM -->
73 <div id="block4"></div>
74 <script nonce='abc'>
75 async_test(t => {
76 var shadow = document.querySelector('#block4').attachShadow({"mode":"closed" });
77 shadow.innerHTML = "<a id='block4a' onclick='void(0)'>Click!</a>";
78 var a = shadow.querySelector('#block4a');
79 a.addEventListener('securitypolicyviolation', t.step_func_done(e => {
80 assert_equals(e.blockedURI, "inline");
81 assert_equals(e.target, a);
82 }));
83 a.click();
84 }, "Correct targeting inside shadow tree (inline handler).");
85 </script>
86
87 <!-- Inline event handler inside Shadow DOM -->
88 <div id="block5"></div>
89 <script nonce='abc'>
90 async_test(t => {
91 var shadow = document.querySelector('#block5').attachShadow({"mode":"closed" });
92 var style = document.createElement('style');
93 style.innerText = 'p { color: red; }';
94 style.addEventListener('securitypolicyviolation', t.step_func_done(e => {
95 assert_equals(e.blockedURI, "inline");
96 assert_equals(e.target, style);
97 }));
98 shadow.appendChild(style);
99 }, "Correct targeting inside shadow tree (style).");
100 </script>
101
102 <!-- Pushed into a same-origin Document that isn't this Document -->
103 <iframe id="block6"></iframe>
104 <script nonce="abc">
105 async_test(t => {
106 var d = document.createElement("div");
107 d.setAttribute("onclick", "void(0);");
108 var events = 0;
109 d.addEventListener('securitypolicyviolation', t.step_func(e => {
110 events++;
111 assert_equals(e.blockedURI, "inline");
112 assert_equals(e.target, d);
113 }));
114 document.querySelector('#block6').contentDocument.addEventListener('security policyviolation', t.step_func_done(e => {
115 events++;
116 assert_equals(e.blockedURI, "inline");
117 assert_equals(e.target, d);
118 assert_equals(events, 2);
119 }));
120 document.querySelector('#block6').contentDocument.body.appendChild(d);
121 d.click();
122 }, "Elements created in this document, but pushed into a same-origin frame tri gger on that frame's document, not on this frame's document.");
123 </script>
124
125 <!-- Disconnected inline event handler -->
126 <script nonce="abc">
127 async_test(t => {
128 var d = document.createElement("div");
129 d.setAttribute("onclick", "void(0);");
130 d.addEventListener('securitypolicyviolation', t.unreached_func());
131 d.click();
132 t.done();
133 }, "Inline event handlers for disconnected elements target the document.");
134 </script>
135
136 <!-- Inline event handler, disconnected after click. -->
137 <a id="block8" onclick="void(0)">Click me also!</a>
138 <script nonce="abc">
139 async_test(t => {
140 var a = document.querySelector('#block8');
141 a.addEventListener('securitypolicyviolation', t.unreached_func());
142 a.click();
143 a.parentNode.removeChild(a);
144 t.done();
145 }, "Inline event handlers for elements disconnected after triggering target th e document.");
146 </script>
147
148 <!-- Disconnected in a DocumentFragment -->
149 <script nonce="abc">
150 async_test(t => {
151 var f = new DocumentFragment();
152 var d = document.createElement('div');
153 d.setAttribute('onclick', 'void(0)');
154 d.addEventListener('securitypolicyviolation', t.unreached_func());
155 f.appendChild(d);
156 d.click();
157 t.done();
158 }, "Inline event handlers for elements in a DocumentFragment target the docume nt.");
159 </script>
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/idl.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/style-src/3_3.css » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698