зеркало из https://github.com/mozilla/gecko-dev.git
Bug 821877 - Browser Mochitest for CSP error logging to Web Console. r=msucan
Also fixes another CSP browser chrome test that was broken because it uses the old CSP headers and assumed that only one warning would be logged to the Web Console.
This commit is contained in:
Родитель
23df509e26
Коммит
3121dfee40
|
@ -117,6 +117,9 @@ MOCHITEST_BROWSER_FILES = \
|
|||
browser_netpanel_longstring_expand.js \
|
||||
browser_repeated_messages_accuracy.js \
|
||||
head.js \
|
||||
browser_webconsole_bug_821877_csp_errors.js \
|
||||
test-bug-821877-csperrors.html \
|
||||
test-bug-821877-csperrors.html^headers^ \
|
||||
$(NULL)
|
||||
|
||||
ifeq ($(OS_ARCH), Darwin)
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
// Tests that the Web Console CSP messages are displayed
|
||||
|
||||
const TEST_VIOLATION = "https://example.com/browser/browser/devtools/webconsole/test/test_bug_770099_violation.html";
|
||||
const CSP_VIOLATION_MSG = "CSP WARN: Directive default-src https://example.com:443 violated by http://some.example.com/test.png"
|
||||
|
||||
let hud = undefined;
|
||||
|
||||
|
@ -34,22 +35,12 @@ function onLoad(aEvent) {
|
|||
function testViolationMessage(){
|
||||
let aOutputNode = hud.outputNode;
|
||||
|
||||
waitForSuccess(
|
||||
{
|
||||
waitForSuccess({
|
||||
name: "CSP policy URI warning displayed successfully",
|
||||
validatorFn: function() {
|
||||
return aOutputNode.querySelector(".webconsole-msg-warn");
|
||||
return hud.outputNode.textContent.indexOf(CSP_VIOLATION_MSG) > -1;
|
||||
},
|
||||
|
||||
successFn: function() {
|
||||
//tests on the urlnode
|
||||
let node = aOutputNode.querySelector(".webconsole-msg-warn");
|
||||
isnot(node.textContent.indexOf("violated"), -1,
|
||||
"CSP violation message found");
|
||||
finishTest();
|
||||
},
|
||||
|
||||
successFn: finishTest,
|
||||
failureFn: finishTest,
|
||||
}
|
||||
);
|
||||
});
|
||||
}
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
// Tests that CSP errors from nsDocument::InitCSP are logged to the Web Console
|
||||
|
||||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/ */
|
||||
|
||||
const TEST_URI = "https://example.com/browser/browser/devtools/webconsole/test/test-bug-821877-csperrors.html";
|
||||
const CSP_DEPRECATED_HEADER_MSG = "The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead.";
|
||||
|
||||
function test()
|
||||
{
|
||||
addTab(TEST_URI);
|
||||
browser.addEventListener("load", function onLoad(aEvent) {
|
||||
browser.removeEventListener(aEvent.type, onLoad, true);
|
||||
openConsole(null, function testCSPErrorLogged (hud) {
|
||||
waitForSuccess({
|
||||
name: "CSP error displayed successfully",
|
||||
validatorFn: function () {
|
||||
return hud.outputNode.textContent.indexOf(CSP_DEPRECATED_HEADER_MSG) > -1;
|
||||
},
|
||||
successFn: finishTest,
|
||||
failureFn: finishTest,
|
||||
});
|
||||
});
|
||||
}, true);
|
||||
}
|
|
@ -0,0 +1,12 @@
|
|||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf8">
|
||||
<title>Bug 821877 - Log CSP Errors to Web Console</title>
|
||||
<!-- Any copyright is dedicated to the Public Domain.
|
||||
- http://creativecommons.org/publicdomain/zero/1.0/ -->
|
||||
</head>
|
||||
<body>
|
||||
<p>This page is served with a deprecated CSP header.</p>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1 @@
|
|||
X-Content-Security-Policy: default-src *; options inline-script
|
Загрузка…
Ссылка в новой задаче