| OLD | NEW |
|---|
| 1 const Host = { | 1 const Host = { |
| 2 SAME_ORIGIN: "same-origin", | 2 SAME_ORIGIN: "same-origin", |
| 3 CROSS_ORIGIN: "cross-origin", | 3 CROSS_ORIGIN: "cross-origin", |
| 4 }; | 4 }; |
| 5 | 5 |
| 6 const PolicyHeader = { | 6 const PolicyHeader = { |
| 7 CSP: "echo-policy.py?policy=", | 7 CSP: "echo-policy.py?policy=", |
| 8 CSP_MULTIPLE: "echo-policy-multiple.py", | 8 CSP_MULTIPLE: "echo-policy-multiple.py", |
| 9 EMBEDDING_CSP: "echo-embedding-csp.py", | 9 REQUIRED_CSP: "echo-required-csp.py", |
| 10 ALLOW_CSP_FROM: "echo-allow-csp-from.py", | 10 ALLOW_CSP_FROM: "echo-allow-csp-from.py", |
| 11 }; | 11 }; |
| 12 | 12 |
| 13 const IframeLoad = { | 13 const IframeLoad = { |
| 14 EXPECT_BLOCK: true, | 14 EXPECT_BLOCK: true, |
| 15 EXPECT_LOAD: false, | 15 EXPECT_LOAD: false, |
| 16 }; | 16 }; |
| 17 | 17 |
| 18 function getOrigin() { | 18 function getOrigin() { |
| 19 var url = new URL("http://{{host}}:{{ports[http][0]}}/"); | 19 var url = new URL("http://{{host}}:{{ports[http][0]}}/"); |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 return url; | 61 return url; |
| 62 } | 62 } |
| 63 | 63 |
| 64 function generateUrlWithAllowCSPFrom(host, allowCspFrom) { | 64 function generateUrlWithAllowCSPFrom(host, allowCspFrom) { |
| 65 var url = generateURL(host, PolicyHeader.ALLOW_CSP_FROM); | 65 var url = generateURL(host, PolicyHeader.ALLOW_CSP_FROM); |
| 66 if (allowCspFrom != null) | 66 if (allowCspFrom != null) |
| 67 url.searchParams.append("allow_csp_from", allowCspFrom); | 67 url.searchParams.append("allow_csp_from", allowCspFrom); |
| 68 return url; | 68 return url; |
| 69 } | 69 } |
| 70 | 70 |
| 71 function assert_embedding_csp(t, url, csp, expected) { | 71 function assert_required_csp(t, url, csp, expected) { |
| 72 var i = document.createElement('iframe'); | 72 var i = document.createElement('iframe'); |
| 73 if(csp) | 73 if(csp) |
| 74 i.csp = csp; | 74 i.csp = csp; |
| 75 i.src = url; | 75 i.src = url; |
| 76 | 76 |
| 77 window.addEventListener('message', t.step_func(e => { | 77 window.addEventListener('message', t.step_func(e => { |
| 78 if (e.source != i.contentWindow || !('embedding_csp' in e.data)) | 78 if (e.source != i.contentWindow || !('required_csp' in e.data)) |
| 79 return; | 79 return; |
| 80 assert_equals(expected, e.data['embedding_csp']); | 80 assert_equals(expected, e.data['required_csp']); |
| 81 t.done(); | 81 t.done(); |
| 82 })); | 82 })); |
| 83 | 83 |
| 84 document.body.appendChild(i); | 84 document.body.appendChild(i); |
| 85 } | 85 } |
| 86 | 86 |
| 87 function assert_iframe_with_csp(t, url, csp, shouldBlock, urlId, blockedURI) { | 87 function assert_iframe_with_csp(t, url, csp, shouldBlock, urlId, blockedURI) { |
| 88 var i = document.createElement('iframe'); | 88 var i = document.createElement('iframe'); |
| 89 url.searchParams.append("id", urlId); | 89 url.searchParams.append("id", urlId); |
| 90 i.src = url.toString(); | 90 i.src = url.toString(); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 127 // Assert iframe loads. | 127 // Assert iframe loads. |
| 128 i.onload = t.step_func(function () { | 128 i.onload = t.step_func(function () { |
| 129 // Delay the check until after the postMessage has a chance to execute. | 129 // Delay the check until after the postMessage has a chance to execute. |
| 130 setTimeout(t.step_func_done(function () { | 130 setTimeout(t.step_func_done(function () { |
| 131 assert_true(loaded[urlId]); | 131 assert_true(loaded[urlId]); |
| 132 }), 1); | 132 }), 1); |
| 133 }); | 133 }); |
| 134 } | 134 } |
| 135 document.body.appendChild(i); | 135 document.body.appendChild(i); |
| 136 } | 136 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2892903002:
Renamed `embedding-csp` HTTP request header to `required-csp`. (Closed)
