third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html - Issue 2896833002: Added validation of the policy specified in the 'csp' attribute

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html

Issue 2896833002: Added validation of the policy specified in the 'csp' attribute (Closed)

Patch Set: Moved everything to ContentSecurityPolicy Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/TestExpectations ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header-invalid-format.html » ('j') | third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicy.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html

diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html

index 786555bdb8d30f4fb2dfe4f75c90e4767c32cae2..a7f5dddaa15ca6f2ddf88daabcf9fd0a85e2ec52 100644

--- a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html

+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/required_csp-header.html

@@ -9,15 +9,18 @@

<body>

var tests = [

- { "name": "Required-CSP is not sent if `csp` attribute is not set on <iframe>.",

+ { "name": "Required-CSP is not sent if `csp` attribute is not set on <iframe>.",

"csp": null,

"expected": null },

- { "name": "Send Required-CSP when `csp` attribute of <iframe> is not empty.",

+ { "name": "Send Required-CSP when `csp` attribute of <iframe> is not empty.",

"csp": "script-src 'unsafe-inline'",

"expected": "script-src 'unsafe-inline'" },

- { "name": "Send Required-CSP Header on change of `src` attribute on iframe.",

- "csp": "script-src 'unsafe-inline'",

+ { "name": "Send Required-CSP Header on change of `src` attribute on iframe.",

+ "csp": "script-src 'unsafe-inline'",

"expected": "script-src 'unsafe-inline'" },

+ { "name": "Wrong value of `csp` should not trigger sending Required-CSP Header.",

+ "csp": "completely wrong csp",

+ "expected": null },

Mike West 2017/05/29 13:49:31 Can you copy/paste some of the unittest values in

andypaicu 2017/05/30 08:51:21 I've deferred the WPT tests to a later CL. I've ra

];

tests.forEach(test => {

@@ -55,14 +58,14 @@

if (e.source != i.contentWindow || !('required_csp' in e.data))

return;

if (!loaded) {

- assert_equals(test.expected, e.data['required_csp']);

+ assert_equals(e.data['required_csp'], test.expected);

loaded = true;

i.csp = "default-src 'unsafe-inline'";

i.src = generateURLString(Host.CROSS_ORIGIN, PolicyHeader.REQUIRED_CSP);

} else {

// Once iframe has loaded, check that on change of `src` attribute

// Required-CSP value is based on latest `csp` attribute value.

- assert_equals("default-src 'unsafe-inline'", e.data['required_csp']);

+ assert_equals(e.data['required_csp'], "default-src 'unsafe-inline'");

t.done();

}

}));