
Unified Diff: LayoutTests/http/tests/security/isolatedWorld/resources/bypass-main-world-csp-for-inline-style.js

Issue 341443003: Isolated world injected inline styles should bypass main world CSP. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 6 months ago
Index: LayoutTests/http/tests/security/isolatedWorld/resources/bypass-main-world-csp-for-inline-style.js
diff --git a/LayoutTests/http/tests/security/isolatedWorld/resources/bypass-main-world-csp-for-inline-style.js b/LayoutTests/http/tests/security/isolatedWorld/resources/bypass-main-world-csp-for-inline-style.js
new file mode 100644
index 0000000000000000000000000000000000000000..ce26eb0bd6417089ff0be8f03561d894b7ade4f4
--- /dev/null
+++ b/LayoutTests/http/tests/security/isolatedWorld/resources/bypass-main-world-csp-for-inline-style.js
@@ -0,0 +1,61 @@
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+}
+
+tests = 4;
+window.addEventListener("message", function(message) {
+ tests -= 1;
+ test();
+}, false);
+
+function test() {
+ function injectInlineStyle(shouldSucceed, tests) {
+ var id = 'div' + tests;
+ var div = document.createElement('div');
+ div.id = id;
+ document.body.appendChild(div);
+ var style = document.createElement('style');
+ style.innerText = '#' + id + ' { color: red; }';
+ document.body.appendChild(style);
+ var success = window.getComputedStyle(document.getElementById(id)).color === "rgb(255, 0, 0)";
+ if (shouldSucceed) {
+ if (success)
+ console.log("PASS: Style assignment in test " + tests + " was blocked by CSP.");
+ else
+ console.log("FAIL: Style assignment in test " + tests + " was not blocked by CSP.");
+ } else {
+ if (success)
+ console.log("FAIL: Style assignment in test " + tests + " was blocked by CSP.");
+ else
+ console.log("PASS: Style assignment in test " + tests + " was not blocked by CSP.");
+ }
+ window.postMessage("next", "*");
+ }
+
+ switch (tests) {
+ case 4:
+ console.log("Injecting in main world: this should fail.");
+ injectInlineStyle(false, tests);
+ break;
+ case 3:
+ console.log("Injecting into isolated world without bypass: this should fail.");
+ testRunner.evaluateScriptInIsolatedWorld(1, String(eval("injectInlineStyle")) + "\ninjectInlineStyle(false," + tests + ");");
+ break;
+ case 2:
+ console.log("Starting to bypass main world's CSP: this should pass!");
+ testRunner.setIsolatedWorldContentSecurityPolicy(1, 'style-src \'unsafe-inline\' *');
+ testRunner.evaluateScriptInIsolatedWorld(1, String(eval("injectInlineStyle")) + "\ninjectInlineStyle(true," + tests + ");");
+ break;
+ case 1:
+ console.log("Injecting into main world again: this should fail.");
+ injectInlineStyle(false, tests);
+ break;
+ case 0:
+ testRunner.setIsolatedWorldContentSecurityPolicy(1, '');
+ testRunner.notifyDone();
+ break;
+ }
+}
+
+document.addEventListener('DOMContentLoaded', test);
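Review bot: The four result messages in `injectInlineStyle` say the opposite of what was measured: `success` is true when the computed colour is `rgb(255, 0, 0)`, meaning the inline style was applied and therefore not blocked, yet that branch logs "was blocked by CSP", and the `!success` branches log "was not blocked". The PASS/FAIL prefixes are right, so the test still catches a regression, but the recorded output would mislead anyone triaging a CSP enforcement failure. The whole `if (shouldSucceed) { … } else { … }` block can become `console.log((success === shouldSucceed ? "PASS" : "FAIL") + ": Style assignment in test " + tests + " was " + (success ? "not " : "") + "blocked by CSP.");`, with the expected-output file (not shown here) regenerated to match. Separately, `String(eval("injectInlineStyle"))` in cases 3 and 2 is equivalent to `String(injectInlineStyle)`, so the `eval` can go. The `message` listener also advances `tests` on any message; checking `message.data === "next"` would keep a stray message from skipping a case.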
