зеркало из https://github.com/mozilla/gecko-dev.git
Bug 959388 - Add csp worker test cases. r=kmckinley
MozReview-Commit-ID: Ahx419BHWrS --HG-- extra : rebase_source : 2016c1e68f990a8ba9cd471e18778c87b08546e1
This commit is contained in:
Родитель
32e38271c9
Коммит
61fe1800b8
|
@ -0,0 +1,39 @@
|
|||
function doXHR(uri) {
|
||||
try {
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open("GET", uri);
|
||||
xhr.send();
|
||||
} catch(ex) {}
|
||||
}
|
||||
|
||||
var sameBase = "http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=";
|
||||
var crossBase = "http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=";
|
||||
|
||||
onmessage = (e) => {
|
||||
for (base of [sameBase, crossBase]) {
|
||||
var prefix;
|
||||
var suffix;
|
||||
if (e.data.inherited == "parent") {
|
||||
//Worker inherits CSP from parent worker
|
||||
prefix = base + "worker_child_inherited_parent_";
|
||||
suffix = base == sameBase ? "_good" : "_bad";
|
||||
} else if (e.data.inherited == "document") {
|
||||
//Worker inherits CSP from owner document -> parent worker -> subworker
|
||||
prefix = base + "worker_child_inherited_document_";
|
||||
suffix = base == sameBase ? "_good" : "_bad";
|
||||
} else {
|
||||
// Worker delivers CSP from HTTP header
|
||||
prefix = base + "worker_child_";
|
||||
suffix = base == sameBase ? "_same_bad" : "_cross_bad";
|
||||
}
|
||||
|
||||
doXHR(prefix + "xhr" + suffix);
|
||||
// Fetch is likely failed in subworker
|
||||
// See Bug 1273070 - Failed to fetch in subworker
|
||||
// Enable fetch test after the bug is fixed
|
||||
// fetch(prefix + "xhr" + suffix);
|
||||
try {
|
||||
importScripts(prefix + "script" + suffix);
|
||||
} catch(ex) {}
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
Content-Security-Policy: default-src 'none'
|
|
@ -1,8 +1,12 @@
|
|||
function doXHR(uri) {
|
||||
function doXHR(uri, callback) {
|
||||
try {
|
||||
var xhr = new XMLHttpRequest();
|
||||
xhr.open("GET", uri);
|
||||
xhr.responseType = "blob";
|
||||
xhr.send();
|
||||
xhr.onload = function () {
|
||||
if (callback) callback(xhr.response);
|
||||
}
|
||||
} catch(ex) {}
|
||||
}
|
||||
|
||||
|
@ -15,14 +19,35 @@ try {
|
|||
navigator.sendBeacon("http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=beacon_bad");
|
||||
} catch(ex) {}
|
||||
|
||||
var topWorkerBlob;
|
||||
var nestedWorkerBlob;
|
||||
|
||||
new Worker("file_main_worker.js").postMessage({inherited : false});
|
||||
doXHR("file_main_worker.js", function (topResponse) {
|
||||
topWorkerBlob = URL.createObjectURL(topResponse);
|
||||
doXHR("file_child_worker.js", function (response) {
|
||||
nestedWorkerBlob = URL.createObjectURL(response);
|
||||
runWorker();
|
||||
});
|
||||
});
|
||||
|
||||
function runWorker() {
|
||||
// Top level worker, no subworker
|
||||
// Worker does not inherit CSP from owner document
|
||||
new Worker("file_main_worker.js").postMessage({inherited : "none"});
|
||||
|
||||
var blobxhr = new XMLHttpRequest();
|
||||
blobxhr.open("GET", "file_main_worker.js")
|
||||
blobxhr.responseType = "blob";
|
||||
blobxhr.send();
|
||||
blobxhr.onload = () => {
|
||||
new Worker(URL.createObjectURL(blobxhr.response)).postMessage({inherited : true});
|
||||
// Top level worker, no subworker
|
||||
// Worker inherits CSP from owner document
|
||||
new Worker(topWorkerBlob).postMessage({inherited : "document"});
|
||||
|
||||
// Subworker
|
||||
// Worker does not inherit CSP from parent worker
|
||||
new Worker("file_main_worker.js").postMessage({inherited : "none", nested : nestedWorkerBlob});
|
||||
|
||||
// Subworker
|
||||
// Worker inherits CSP from parent worker
|
||||
new Worker("file_main_worker.js").postMessage({inherited : "parent", nested : nestedWorkerBlob});
|
||||
|
||||
// Subworker
|
||||
// Worker inherits CSP from owner document -> parent worker -> subworker
|
||||
new Worker(topWorkerBlob).postMessage({inherited : "document", nested : nestedWorkerBlob});
|
||||
}
|
||||
|
|
|
@ -10,19 +10,39 @@ var sameBase = "http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?
|
|||
var crossBase = "http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=";
|
||||
|
||||
onmessage = (e) => {
|
||||
// Tests of nested worker
|
||||
if (e.data.nested) {
|
||||
if (e.data.inherited != "none") {
|
||||
// Worker inherits CSP
|
||||
new Worker(e.data.nested).postMessage({inherited : e.data.inherited});
|
||||
}
|
||||
else {
|
||||
// Worker does not inherit CSP
|
||||
new Worker("file_child_worker.js").postMessage({inherited : e.data.inherited});
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
//Tests of top level worker
|
||||
for (base of [sameBase, crossBase]) {
|
||||
var prefix;
|
||||
var suffix;
|
||||
if (e.data.inherited) {
|
||||
prefix = base + "worker_inherited_"
|
||||
if (e.data.inherited != "none") {
|
||||
// Top worker inherits CSP from owner document
|
||||
prefix = base + "worker_inherited_";
|
||||
suffix = base == sameBase ? "_good" : "_bad";
|
||||
}
|
||||
else {
|
||||
prefix = base + "worker_"
|
||||
suffix = base == sameBase ? "_same_good" : "_cross_good";
|
||||
// Top worker delivers CSP from HTTP header
|
||||
prefix = base + "worker_";
|
||||
suffix = base == sameBase ? "_same_bad" : "_cross_good";
|
||||
}
|
||||
|
||||
doXHR(prefix + "xhr" + suffix);
|
||||
fetch(prefix + "fetch" + suffix);
|
||||
try { importScripts(prefix + "script" + suffix); } catch(ex) {}
|
||||
try {
|
||||
if (e.data.inherited == "none") suffix = base == sameBase ? "_same_good" : "_cross_bad";
|
||||
importScripts(prefix + "script" + suffix);
|
||||
} catch(ex) {}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Content-Security-Policy: default-src 'self' blob: ; connect-src http://example.com
|
|
@ -41,6 +41,9 @@ support-files =
|
|||
file_main.html^headers^
|
||||
file_main.js
|
||||
file_main_worker.js
|
||||
file_main_worker.js^headers^
|
||||
file_child_worker.js
|
||||
file_child_worker.js^headers^
|
||||
file_web_manifest.html
|
||||
file_web_manifest_remote.html
|
||||
file_web_manifest_https.html
|
||||
|
|
|
@ -29,18 +29,30 @@ window.tests = {
|
|||
fetch_bad: -1,
|
||||
beacon_good: -1,
|
||||
beacon_bad: -1,
|
||||
worker_xhr_same_good: -1,
|
||||
worker_xhr_same_bad: -1,
|
||||
worker_xhr_cross_good: -1,
|
||||
worker_fetch_same_good: -1,
|
||||
worker_fetch_same_bad: -1,
|
||||
worker_fetch_cross_good: -1,
|
||||
worker_script_same_good: -1,
|
||||
worker_script_cross_good: -1,
|
||||
worker_script_cross_bad: -1,
|
||||
worker_inherited_xhr_good: -1,
|
||||
worker_inherited_xhr_bad: -1,
|
||||
worker_inherited_fetch_good: -1,
|
||||
worker_inherited_fetch_bad: -1,
|
||||
worker_inherited_script_good: -1,
|
||||
worker_inherited_script_bad: -1,
|
||||
worker_child_xhr_same_bad: -1,
|
||||
worker_child_xhr_cross_bad: -1,
|
||||
worker_child_script_same_bad: -1,
|
||||
worker_child_script_cross_bad: -1,
|
||||
worker_child_inherited_parent_xhr_bad: -1,
|
||||
worker_child_inherited_parent_xhr_good: -1,
|
||||
worker_child_inherited_parent_script_good: -1,
|
||||
worker_child_inherited_parent_script_bad: -1,
|
||||
worker_child_inherited_document_xhr_good: -1,
|
||||
worker_child_inherited_document_xhr_bad: -1,
|
||||
worker_child_inherited_document_script_good: -1,
|
||||
worker_child_inherited_document_script_bad: -1,
|
||||
media_good: -1,
|
||||
media_bad: -1,
|
||||
font_good: -1,
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Content-Security-Policy: default-src 'self' blob: ; script-src 'unsafe-eval'
|
|
@ -18,6 +18,7 @@ support-files =
|
|||
console_worker.js
|
||||
consoleReplaceable_worker.js
|
||||
csp_worker.js
|
||||
csp_worker.js^headers^
|
||||
404_server.sjs
|
||||
errorPropagation_iframe.html
|
||||
errorPropagation_worker.js
|
||||
|
|
Загрузка…
Ссылка в новой задаче