OLD | NEW |
1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
2 <html> | 2 <html> |
3 <head> | 3 <head> |
4 <meta charset="utf-8"> | 4 <meta charset="utf-8"> |
5 <script src="/resources/testharness.js"></script> | 5 <script src="/resources/testharness.js"></script> |
6 <script src="/resources/testharnessreport.js"></script> | 6 <script src="/resources/testharnessreport.js"></script> |
7 </head> | 7 </head> |
8 <body> | 8 <body> |
9 <script> | 9 <script> |
10 var test_suborigin_options = [ | 10 var test_suborigin_options = [ |
11 [ 'foobar \'', 'Single quote as option' ], | 11 [ 'foobar \'', 'Single quote as option' ], |
12 [ 'foobar \'unsafe-postmessage-send\';', 'Character after single policy' ], | 12 [ 'foobar \'unsafe-postmessage-send\';', 'Character after single policy' ], |
13 [ 'foobar \'unsafe-postmessage-send\'; \'unsafe-cookies\';', | 13 [ 'foobar \'unsafe-postmessage-send\'; \'unsafe-cookies\';', |
14 'Charecters after multiple policies' ], | 14 'Charecters after multiple policies' ], |
15 [ 'foobar; \'unsafe-postmessage-send\'', 'Character before policy' ], | 15 [ 'foobar; \'unsafe-postmessage-send\'', 'Character before policy' ], |
16 [ 'foobar \'b@d character$\'', 'Bad characters in option' ], | 16 [ 'foobar \'b@d character$\'', 'Bad characters in option' ], |
17 ]; | 17 ]; |
18 | 18 |
| 19 var tests = []; |
| 20 |
| 21 function run_next_test() { |
| 22 if (tests.length) { |
| 23 tests.shift()(); |
| 24 } |
| 25 } |
| 26 |
| 27 function generate_test_case(option) { |
| 28 var test = async_test(test_suborigin_options[option][1]); |
| 29 var iframe; |
| 30 window.addEventListener('message', test.step_func(event => { |
| 31 if (event.source != iframe.contentWindow) |
| 32 return; |
| 33 |
| 34 assert_equals(event.data, 'I am a secret'); |
| 35 setTimeout(run_next_test, 0); |
| 36 test.done(); |
| 37 })); |
| 38 iframe = document.createElement('iframe'); |
| 39 iframe.setAttribute('src', 'resources/reach-into-iframe.php?childsuborigin=' + |
| 40 test_suborigin_options[option][0]); |
| 41 return () => { document.body.appendChild(iframe) }; |
| 42 } |
| 43 |
19 for (option in test_suborigin_options) { | 44 for (option in test_suborigin_options) { |
20 async_test(t => { | 45 tests.push(generate_test_case(option)); |
21 var id = option; | 46 } |
22 var iframe; | |
23 window.addEventListener('message', t.step_func(event => { | |
24 if (event.source != iframe.contentWindow) | |
25 return; | |
26 | 47 |
27 assert_equals(event.data, 'I am a secret'); | 48 run_next_test(); |
28 t.done(); | |
29 })); | |
30 iframe = document.createElement('iframe'); | |
31 iframe.setAttribute('src', | |
32 'resources/reach-into-iframe.php?childsuborigin=' + | |
33 test_suborigin_options[id][0]); | |
34 document.body.appendChild(iframe); | |
35 }, test_suborigin_options[option][1]); | |
36 } | |
37 </script> | 49 </script> |
38 </body> | 50 </body> |
39 </html> | 51 </html> |
OLD | NEW |