third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/style-reportonly-allowed.php - Issue 2761153003: PlzNavigate & CSP. Use the SourceLocation in violation reports.

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/style-reportonly-allowed.php

Issue 2761153003: PlzNavigate & CSP. Use the SourceLocation in violation reports. (Closed)

Patch Set: Transmit the source_location instead of the line number. Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/style-enforce-blocked.php ('K') | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/style-multiple-blocked.php ('k') | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <?php	1 <?php

2 header("Content-Security-Policy-Report-Only: style-src 'nonce-abc'");	2 header("Content-Security-Policy-Report-Only: style-src 'nonce-abc'");

3 ?>	3 ?>

4 <!doctype html>	4 <!doctype html>

5 <script src="/resources/testharness.js"></script>	5 <script src="/resources/testharness.js"></script>

6 <script src="/resources/testharnessreport.js"></script>	6 <script src="/resources/testharnessreport.js"></script>

7 <script>	7 <script>

8 async_test(t => {	8 async_test(t => {

9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation',' securitypolicyviolation']);	9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation',' securitypolicyviolation']);

10 watcher	10 watcher

11 .wait_for('securitypolicyviolation')	11 .wait_for('securitypolicyviolation')

12 .then(t.step_func(e => {	12 .then(t.step_func(e => {

13 assert_equals(e.blockedURI, "inline");	13 assert_equals(e.blockedURI, "inline");

14 assert_equals(e.lineNumber, 24);	14 assert_equals(e.lineNumber, 20);

15 return watcher.wait_for('securitypolicyviolation');	15 return watcher.wait_for('securitypolicyviolation');

16 }))	16 }))

17 .then(t.step_func_done(e => {	17 .then(t.step_func_done(e => {

18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont entSecurityPolicy/style-set-red.css");	18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont entSecurityPolicy/style-set-red.css");

19 assert_equals(e.lineNumber, 25);	19 assert_equals(e.lineNumber, 25);

20 }));	20 }));

21 }, "Incorrectly nonced style blocks generate reports.");	21 }, "Incorrectly nonced style blocks generate reports.");

22 </script>	22 </script>

23 <style>	23 <style>

24 #test1 {	24 #test1 {

25 color: rgba(1,1,1,1);	25 color: rgba(1,1,1,1);

26 }	26 }

27 </style>	27 </style>

28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css" nonce="xyz">	28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css" nonce="xyz">

29 <script>	29 <script>

30 async_test(t => {	30 async_test(t => {

31 window.onload = t.step_func_done(_ => {	31 window.onload = t.step_func_done(_ => {

32 assert_equals(document.styleSheets.length, 2);	32 assert_equals(document.styleSheets.length, 2);

33 assert_equals(document.styleSheets[0].href, null);	33 assert_equals(document.styleSheets[0].href, null);

34 assert_equals(document.styleSheets[1].href, "http://127.0.0.1:8000/s ecurity/contentSecurityPolicy/style-set-red.css");	34 assert_equals(document.styleSheets[1].href, "http://127.0.0.1:8000/s ecurity/contentSecurityPolicy/style-set-red.css");

35 });	35 });

36 }, "Incorrectly nonced stylesheets load.");	36 }, "Incorrectly nonced stylesheets load.");

37 </script>	37 </script>

OLD	NEW