зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1614674 - Poll for load in CSP frame-ancestors tests, r=bzbarsky
These tests are all timing out in Firefox because we don't send either a load or an error event for CSP-blocked loads. To work around this, poll the iframe for the load, assuming it's complete when we see a non-about:blank document with readyState complete (or an exception from trying to access a cross-origin resource). Differential Revision: https://phabricator.services.mozilla.com/D62447 --HG-- extra : moz-landing-system : lando
This commit is contained in:
James Graham
Родитель
0d056e0130
Коммит
295c3313ab
|
|
@ -1,9 +1,5 @@
|
|||
[frame-ancestors-from-serviceworker.https.html]
|
||||
expected:
|
||||
if fission: OK
|
||||
TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.]
|
||||
expected:
|
||||
if fission: FAIL
|
||||
TIMEOUT
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-cross-none-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-cross-self-block.html]
|
||||
expected:
|
||||
if processor == "aarch64": ["TIMEOUT", "CRASH"]
|
||||
TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-cross-url-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-same-none-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-same-self-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-cross-in-same-url-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-same-in-cross-none-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-same-in-cross-self-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-same-in-cross-url-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-same-in-same-none-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-nested-same-in-same-url-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-none-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'none' should block rendering.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-overrides-xfo.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.]
|
||||
expected: TIMEOUT
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-self-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a value 'self' should block rendering.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
[frame-ancestors-url-block.html]
|
||||
expected: TIMEOUT
|
||||
[A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked.]
|
||||
expected: NOTRUN
|
||||
|
||||
|
|
@ -17,18 +17,28 @@
|
|||
.then(() => {
|
||||
// Load iframe.
|
||||
var iframe = document.createElement("iframe");
|
||||
function iframeLoaded(ev) {
|
||||
let timer;
|
||||
function pollForLoadCompletion() {
|
||||
timer = t.step_timeout(() => iframeMayBeLoaded({isPoll: true}), 10);
|
||||
}
|
||||
function iframeMayBeLoaded({isPoll}) {
|
||||
var failed = false;
|
||||
clearTimeout(timer);
|
||||
try {
|
||||
ev.target.contentWindow.location.href;
|
||||
let href = iframe.contentWindow.location.href;
|
||||
if (isPoll && (href === "about:blank" || iframe.contentDocument.readyState !== "complete")) {
|
||||
pollForLoadCompletion();
|
||||
return;
|
||||
}
|
||||
failed = true;
|
||||
} catch (ex) {}
|
||||
t.step_func_done(() => assert_false(failed, "The IFrame should have been blocked. It wasn't."))();
|
||||
};
|
||||
iframe.addEventListener("load", iframeLoaded);
|
||||
iframe.addEventListener("error", iframeLoaded);
|
||||
iframe.addEventListener("load", () => iframeMayBeLoaded({isPoll: false}));
|
||||
iframe.addEventListener("error", () => iframeMayBeLoaded({isPoll: false}));
|
||||
iframe.src = "/content-security-policy/frame-ancestors/support/service-worker/frame-ancestors-none.html";
|
||||
document.body.appendChild(iframe);
|
||||
pollForLoadCompletion();
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
|
|
|
|||
|
|
@ -18,9 +18,20 @@
|
|||
async_test(function (t) {
|
||||
var i = document.createElement('iframe');
|
||||
i.src = "support/frame-ancestors-and-x-frame-options.sub.html?policy=other-origin.com&xfo=SAMEORIGIN";
|
||||
i.onload = t.step_func_done(function () {
|
||||
checkDone = t.step_func(function() {
|
||||
clearTimeout(timer);
|
||||
try {
|
||||
if (i.contentWindow.location.href === "about:blank" ||
|
||||
(i.contentDocument && i.contentDocument.readyState !== "complete")) {
|
||||
timer = t.step_timeout(checkDone, 10);
|
||||
return;
|
||||
}
|
||||
} catch(e) {}
|
||||
assert_equals(i.contentDocument, null);
|
||||
t.done();
|
||||
});
|
||||
i.onload = checkDone;
|
||||
let timer = t.step_timeout(checkDone, 10);
|
||||
document.body.appendChild(i);
|
||||
}, "A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.");
|
||||
</script>
|
||||
|
|
|
|||
|
|
@ -47,10 +47,16 @@ function injectNestedIframe(policy, parent, child, expectation, isSandboxed) {
|
|||
document.body.appendChild(iframe);
|
||||
}
|
||||
|
||||
let timer;
|
||||
function pollForLoadCompletion({iframe, expectBlock}) {
|
||||
let fn = iframeLoaded({expectBlock, isPoll: true});
|
||||
timer = test.step_timeout(() => fn({target: iframe}), 10);
|
||||
}
|
||||
|
||||
function injectIFrame(policy, sameOrigin, expectBlock) {
|
||||
var iframe = document.createElement("iframe");
|
||||
iframe.addEventListener("load", iframeLoaded(expectBlock));
|
||||
iframe.addEventListener("error", iframeLoaded(expectBlock));
|
||||
iframe.addEventListener("load", iframeLoaded({expectBlock, isPoll: false}));
|
||||
iframe.addEventListener("error", iframeLoaded({expectBlock, isPoll: false}));
|
||||
|
||||
var url = "/content-security-policy/frame-ancestors/support/frame-ancestors.sub.html?policy=" + policy;
|
||||
if (sameOrigin)
|
||||
|
|
@ -60,14 +66,20 @@ function injectIFrame(policy, sameOrigin, expectBlock) {
|
|||
|
||||
iframe.src = url;
|
||||
document.body.appendChild(iframe);
|
||||
pollForLoadCompletion({iframe, expectBlock});
|
||||
}
|
||||
|
||||
function iframeLoaded(expectBlock) {
|
||||
function iframeLoaded({isPoll, expectBlock}) {
|
||||
return function(ev) {
|
||||
clearTimeout(timer);
|
||||
var failed = true;
|
||||
var message = "";
|
||||
try {
|
||||
ev.target.contentWindow.location.href;
|
||||
let url = ev.target.contentWindow.location.href;
|
||||
if (isPoll && (url === "about:blank" || ev.target.contentDocument.readyState !== "complete")) {
|
||||
pollForLoadCompletion({iframe: ev.target, expectBlock});
|
||||
return;
|
||||
}
|
||||
if (expectBlock) {
|
||||
message = "The IFrame should have been blocked (or cross-origin). It wasn't.";
|
||||
failed = true;
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче