third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/embedding_csp-header-invalid-format.html - Issue 2892903002: Renamed `embedding-csp` HTTP request header to `required-csp`.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/embedding_csp-header-invalid-format.html

Issue 2892903002: Renamed `embedding-csp` HTTP request header to `required-csp`. (Closed)

Patch Set: Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/embedding_csp-header.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 <!DOCTYPE html>

2 <html>

3 <head>

4 <title>Embedded Enforcement: Embedding-CSP header.</title>

5 <script src="/resources/testharness.js"></script>

6 <script src="/resources/testharnessreport.js"></script>

7 <script src="support/testharness-helper.sub.js"></script>

8 </head>

9 <body>

10 <script>

11 // When this test starts passing please merge with embedding_csp-header.html

12 var tests = [

13 { "name": "Wrong value of `csp` should not trigger sending Embedding-CSP H eader.",

14 "csp": "completely wrong csp",

15 "expected": null},

16 ];

17

18 tests.forEach(test => {

19 async_test(t => {

20 var url = generateURLString(Host.SAME_ORIGIN, PolicyHeader.EMBEDDING_CSP );

21 assert_embedding_csp(t, url, test.csp, test.expected);

22 }, "Test same origin: " + test.name);

23

24 async_test(t => {

25 var url = generateURLString(Host.SAME_ORIGIN, PolicyHeader.EMBEDDING_CSP );

26 var redirect_url = generateRedirect(Host.SAME_ORIGIN, url);

27 assert_embedding_csp(t, redirect_url, test.csp, test.expected);

28 }, "Test same origin redirect: " + test.name);

29

30 async_test(t => {

31 var url = generateURLString(Host.SAME_ORIGIN, PolicyHeader.EMBEDDING_CSP );

32 var redirect_url = generateRedirect(Host.CROSS_ORIGIN, url);

33 assert_embedding_csp(t, redirect_url, test.csp, test.expected);

34 }, "Test cross origin redirect: " + test.name);

35

36 async_test(t => {

37 var url = generateURLString(Host.CROSS_ORIGIN, PolicyHeader.EMBEDDING_CS P);

38 var redirect_url = generateRedirect(Host.CROSS_ORIGIN, url);

39 assert_embedding_csp(t, redirect_url, test.csp, test.expected);

40 }, "Test cross origin redirect of cross origin iframe: " + test.name);

41

42 async_test(t => {

43 var i = document.createElement('iframe');

44 if (test.csp)

45 i.csp = test.csp;

46 i.src = generateURLString(Host.SAME_ORIGIN, PolicyHeader.EMBEDDING_CSP);

47 var loaded = false;

48

49 window.addEventListener('message', t.step_func(e => {

50 if (e.source != i.contentWindow \|\| !('embedding_csp' in e.data))

51 return;

52 if (!loaded) {

53 assert_equals(test.expected, e.data['embedding_csp']);

54 loaded = true;

55 i.csp = "default-src 'unsafe-inline'";

56 i.src = generateURLString(Host.CROSS_ORIGIN, PolicyHeader.EMBEDDING_ CSP);

57 } else {

58 // Once iframe has loaded, check that on change of `src` attribute

59 // Embedding-CSP value is based on latest `csp` attribute value.

60 assert_equals("default-src 'unsafe-inline'", e.data['embedding_csp'] );

61 t.done();

62 }

63 }));

64

65 document.body.appendChild(i);

66 }, "Test Embedding-CSP value on `csp` change: " + test.name);

67 });

68 </script>

69 </body>

70 </html>

OLD	NEW