зеркало из https://github.com/mozilla/gecko-dev.git
Bug 808292 - CSP: Implement path-level host-source matching, mochitests (r=grobinson,sstamm)
Родитель
6745b594df
Коммит
43454d7579
|
@ -1,10 +1,10 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Bug 916054 - URLs with path are ignored by FF's CSP parser</title>
|
||||
<title>Bug 808292 - Implement path-level host-source matching to CSP</title>
|
||||
</head>
|
||||
<body>
|
||||
<div id="testdiv">blocked</div>
|
||||
<script src="http://test1.example.com/tests/content/base/test/csp/file_csp_regexp_parsing.js"></script>
|
||||
<script src="http://test1.example.com/tests/content/base/test/csp/file_csp_path_matching.js#foo"></script>
|
||||
</body>
|
||||
</html>
|
|
@ -81,9 +81,9 @@ support-files =
|
|||
file_hash_source.html^headers^
|
||||
file_self_none_as_hostname_confusion.html
|
||||
file_self_none_as_hostname_confusion.html^headers^
|
||||
file_csp_path_matching.html
|
||||
file_csp_path_matching.js
|
||||
file_csp_testserver.sjs
|
||||
file_csp_regexp_parsing.html
|
||||
file_csp_regexp_parsing.js
|
||||
file_report_uri_missing_in_report_only_header.html
|
||||
file_report_uri_missing_in_report_only_header.html^headers^
|
||||
file_csp_report.html
|
||||
|
@ -121,7 +121,7 @@ skip-if = (buildapp == 'b2g' && (toolkit != 'gonk' || debug)) || toolkit == 'and
|
|||
skip-if = e10s || buildapp == 'b2g' # can't compute hashes in child process (bug 958702)
|
||||
[test_self_none_as_hostname_confusion.html]
|
||||
[test_bug949549.html]
|
||||
[test_csp_regexp_parsing.html]
|
||||
[test_csp_path_matching.html]
|
||||
[test_report_uri_missing_in_report_only_header.html]
|
||||
[test_csp_report.html]
|
||||
skip-if = e10s || buildapp == 'b2g' # http-on-opening-request observer not supported in child process (bug 1009632)
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Bug 916054 - URLs with path are ignored by FF's CSP parser</title>
|
||||
<title>Bug 808292 - Implement path-level host-source matching to CSP</title>
|
||||
<!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
|
@ -16,49 +16,51 @@
|
|||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
/* Description of the test:
|
||||
* We are loading the following url (including a fragment portion):
|
||||
* http://test1.example.com/tests/content/base/test/csp/file_csp_path_matching.js#foo
|
||||
* using different policies and verify that the applied policy is accurately enforced.
|
||||
*/
|
||||
|
||||
var policies = [
|
||||
["allowed", "*"],
|
||||
["allowed", "test1.example.com"],
|
||||
["allowed", "test1.example.com/"],
|
||||
["allowed", "test1.example.com/path-1"],
|
||||
["allowed", "test1.example.com/path-1/"],
|
||||
["allowed", "test1.example.com/path-1/path_2/"],
|
||||
["allowed", "test1.example.com/path-1/path_2/file.js"],
|
||||
["allowed", "test1.example.com/path-1/path_2/file_1.js"],
|
||||
["allowed", "test1.example.com/path-1/path_2/file-2.js"],
|
||||
["allowed", "test1.example.com/path-1/path_2/f.js"],
|
||||
["allowed", "test1.example.com/path-1/path_2/f.oo.js"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/file_csp_path_matching.js"],
|
||||
|
||||
["allowed", "test1.example.com?foo=val"],
|
||||
["allowed", "test1.example.com/?foo=val"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/?foo=val"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/file_csp_path_matching.js?foo=val"],
|
||||
|
||||
["allowed", "test1.example.com#foo"],
|
||||
["allowed", "test1.example.com/#foo"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/#foo"],
|
||||
["allowed", "test1.example.com/tests/content/base/test/csp/file_csp_path_matching.js#foo"],
|
||||
|
||||
["allowed", "*.example.com"],
|
||||
["allowed", "*.example.com/"],
|
||||
["allowed", "*.example.com/path-1"],
|
||||
["allowed", "*.example.com/path-1/"],
|
||||
["allowed", "*.example.com/path-1/path_2/"],
|
||||
["allowed", "*.example.com/path-1/path_2/file.js"],
|
||||
["allowed", "*.example.com/path-1/path_2/file_1.js"],
|
||||
["allowed", "*.example.com/path-1/path_2/file-2.js"],
|
||||
["allowed", "*.example.com/path-1/path_2/f.js"],
|
||||
["allowed", "*.example.com/path-1/path_2/f.oo.js"],
|
||||
["allowed", "*.example.com/tests/content/base/test/csp/"],
|
||||
["allowed", "*.example.com/tests/content/base/test/csp/file_csp_path_matching.js"],
|
||||
|
||||
["allowed", "test1.example.com:80"],
|
||||
["allowed", "test1.example.com:80/"],
|
||||
["allowed", "test1.example.com:80/path-1"],
|
||||
["allowed", "test1.example.com:80/path-1/"],
|
||||
["allowed", "test1.example.com:80/path-1/path_2"],
|
||||
["allowed", "test1.example.com:80/path-1/path_2/"],
|
||||
["allowed", "test1.example.com:80/path-1/path_2/file.js"],
|
||||
["allowed", "test1.example.com:80/path-1/path_2/f.ile.js"],
|
||||
["allowed", "test1.example.com:80/tests/content/base/test/csp/"],
|
||||
["allowed", "test1.example.com:80/tests/content/base/test/csp/file_csp_path_matching.js"],
|
||||
|
||||
["allowed", "test1.example.com:*"],
|
||||
["allowed", "test1.example.com:*/"],
|
||||
["allowed", "test1.example.com:*/path-1"],
|
||||
["allowed", "test1.example.com:*/path-1/"],
|
||||
["allowed", "test1.example.com:*/path-1/path_2"],
|
||||
["allowed", "test1.example.com:*/path-1/path_2/"],
|
||||
["allowed", "test1.example.com:*/path-1/path_2/file.js"],
|
||||
["allowed", "test1.example.com:*/path-1/path_2/f.ile.js"],
|
||||
// the following tests should fail
|
||||
["blocked", "test1.example.com:88path-1/"],
|
||||
["blocked", "test1.example.com:80.js"],
|
||||
["blocked", "test1.example.com:*.js"],
|
||||
["blocked", "test1.example.com:*."]
|
||||
["allowed", "test1.example.com:*/tests/content/base/test/csp/"],
|
||||
["allowed", "test1.example.com:*/tests/content/base/test/csp/file_csp_path_matching.js"],
|
||||
|
||||
["blocked", "test1.example.com/tests"],
|
||||
["blocked", "test1.example.com/tests/content/base/test/csp"],
|
||||
["blocked", "test1.example.com/tests/content/base/test/csp/file_csp_path_matching.py"],
|
||||
|
||||
["blocked", "test1.example.com:8888/tests"],
|
||||
["blocked", "test1.example.com:8888/tests/content/base/test/csp"],
|
||||
["blocked", "test1.example.com:8888/tests/content/base/test/csp/file_csp_path_matching.py"],
|
||||
]
|
||||
|
||||
var counter = 0;
|
||||
|
@ -72,7 +74,7 @@ function loadNextTest() {
|
|||
policy = policies[counter++];
|
||||
var src = "file_csp_testserver.sjs";
|
||||
// append the file that should be served
|
||||
src += "?file=" + escape("tests/content/base/test/csp/file_csp_regexp_parsing.html");
|
||||
src += "?file=" + escape("tests/content/base/test/csp/file_csp_path_matching.html");
|
||||
// append the CSP that should be used to serve the file
|
||||
src += "&csp=" + escape("default-src 'none'; script-src " + policy[1]);
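Review bot: The three `test1.example.com:8888/...` entries at the end of the `policies` array (apparently new-side lines; the page no longer marks sides) are rejected by the port mismatch alone, and their paths would not match either, so they pass whether or not the path is evaluated when a port is present. Host-source matching is the enforcement boundary for `script-src`, so each negative case should fail on exactly one component: add `["blocked", "test1.example.com:80/tests"],` and `["blocked", "test1.example.com:*/tests/content/base/test/csp"],` for a wrong path behind a matching port, and give one `:8888` entry the full matching path so it isolates the port check. A comment above the blocked group such as `// a source path without a trailing "/" must match the whole path; only one ending in "/" matches as a prefix` would explain why `/tests` is blocked while `/tests/content/base/test/csp/` is allowed. Separately, `loadNextTest` (its body starts and ends outside the hunk) builds the query with the deprecated `escape()`, which leaves `+` unencoded; `encodeURIComponent()` keeps every policy string intact on its way to `file_csp_testserver.sjs`.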
|
||||
|