зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1423844 - Enable ESLint for dom/security/test/unit/ r=Standard8,jkt
Enable ESLint for dom/security/test/unit Differential Revision: https://phabricator.services.mozilla.com/D14617 --HG-- extra : moz-landing-system : lando
This commit is contained in:
championshuttler
Родитель
e3ae63b02e
Коммит
6e072992a2
|
|
@ -215,7 +215,6 @@ dom/security/test/csp/**
|
|||
dom/security/test/general/**
|
||||
dom/security/test/mixedcontentblocker/**
|
||||
dom/security/test/sri/**
|
||||
dom/security/test/unit/**
|
||||
dom/serviceworkers/**
|
||||
dom/smil/**
|
||||
dom/svg/**
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
ChromeUtils.import('resource://gre/modules/NetUtil.jsm');
|
||||
ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
|
||||
ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||
ChromeUtils.import("resource://testing-common/httpd.js");
|
||||
|
||||
|
|
@ -33,7 +33,7 @@ function makeReportHandler(testpath, message, expectedJSON) {
|
|||
? request.getHeader("Content-Type") : undefined;
|
||||
if (contentType !== "application/csp-report") {
|
||||
do_throw("violation report should have the 'application/csp-report' " +
|
||||
"content-type, when in fact it is " + contentType.toString())
|
||||
"content-type, when in fact it is " + contentType.toString());
|
||||
}
|
||||
|
||||
// obtain violation report
|
||||
|
|
@ -47,7 +47,7 @@ function makeReportHandler(testpath, message, expectedJSON) {
|
|||
// dump("EXPECTED: \n" + JSON.stringify(expectedJSON) + "\n\n");
|
||||
|
||||
for (var i in expectedJSON)
|
||||
Assert.equal(expectedJSON[i], reportObj['csp-report'][i]);
|
||||
Assert.equal(expectedJSON[i], reportObj["csp-report"][i]);
|
||||
|
||||
testsToFinish--;
|
||||
httpServer.registerPathHandler(testpath, null);
|
||||
|
|
@ -80,9 +80,7 @@ function makeTest(id, expectedJSON, useReportOnlyPolicy, callback) {
|
|||
|
||||
dump("Created test " + id + " : " + policy + "\n\n");
|
||||
|
||||
let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"]
|
||||
.getService(Ci.nsIScriptSecurityManager);
|
||||
principal = ssm.createCodebasePrincipal(selfuri, {});
|
||||
principal = Services.scriptSecurityManager.createCodebasePrincipal(selfuri, {});
|
||||
csp.setRequestContext(null, principal);
|
||||
|
||||
// Load up the policy
|
||||
|
|
@ -93,7 +91,7 @@ function makeTest(id, expectedJSON, useReportOnlyPolicy, callback) {
|
|||
var handler = makeReportHandler("/test" + id, "Test " + id, expectedJSON);
|
||||
httpServer.registerPathHandler("/test" + id, handler);
|
||||
|
||||
//trigger the violation
|
||||
// trigger the violation
|
||||
callback(csp);
|
||||
}
|
||||
|
||||
|
|
@ -122,11 +120,11 @@ function run_test() {
|
|||
// test that eval violations cause a report.
|
||||
makeTest(1, {"blocked-uri": "eval",
|
||||
// JSON script-sample is UTF8 encoded
|
||||
"script-sample" : "\xc2\xa3\xc2\xa5\xc2\xb5\xe5\x8c\x97\xf0\xa0\x9d\xb9",
|
||||
"script-sample": "\xc2\xa3\xc2\xa5\xc2\xb5\xe5\x8c\x97\xf0\xa0\x9d\xb9",
|
||||
"line-number": 1,
|
||||
"column-number": 2}, false,
|
||||
function(csp) {
|
||||
let evalOK = true, oReportViolation = {'value': false};
|
||||
let evalOK = true, oReportViolation = {"value": false};
|
||||
evalOK = csp.getAllowsEval(oReportViolation);
|
||||
|
||||
// this is not a report only policy, so it better block eval
|
||||
|
|
@ -178,7 +176,7 @@ function run_test() {
|
|||
// test that eval violations cause a report in report-only policy
|
||||
makeTest(4, {"blocked-uri": "inline"}, true,
|
||||
function(csp) {
|
||||
let evalOK = true, oReportViolation = {'value': false};
|
||||
let evalOK = true, oReportViolation = {"value": false};
|
||||
evalOK = csp.getAllowsEval(oReportViolation);
|
||||
|
||||
// this is a report only policy, so it better allow eval
|
||||
|
|
@ -225,7 +223,6 @@ function run_test() {
|
|||
var selfSpec = REPORT_SERVER_URI + ":" + REPORT_SERVER_PORT + "/foo/self/foo.js";
|
||||
makeTest(7, {"blocked-uri": selfSpec}, false,
|
||||
function(csp) {
|
||||
var uri = NetUtil
|
||||
// shouldLoad creates and sends out the report here.
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
|
||||
null, // nsICSPEventListener
|
||||
|
|
|
|||
|
|
@ -1,14 +1,13 @@
|
|||
ChromeUtils.import("resource://testing-common/httpd.js");
|
||||
ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
|
||||
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
|
||||
ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||
|
||||
var prefs = Cc["@mozilla.org/preferences-service;1"].
|
||||
getService(Ci.nsIPrefBranch);
|
||||
|
||||
// Since this test creates a TYPE_DOCUMENT channel via javascript, it will
|
||||
// end up using the wrong LoadInfo constructor. Setting this pref will disable
|
||||
// the ContentPolicyType assertion in the constructor.
|
||||
prefs.setBoolPref("network.loadinfo.skip_type_assertion", true);
|
||||
Services.prefs.setBoolPref("network.loadinfo.skip_type_assertion", true);
|
||||
|
||||
XPCOMUtils.defineLazyGetter(this, "URL", function() {
|
||||
return "http://localhost:" + httpserver.identity.primaryPort;
|
||||
|
|
@ -23,22 +22,22 @@ var tests = [
|
|||
{
|
||||
description: "should not set request header for TYPE_OTHER",
|
||||
expectingHeader: false,
|
||||
contentType: Ci.nsIContentPolicy.TYPE_OTHER
|
||||
contentType: Ci.nsIContentPolicy.TYPE_OTHER,
|
||||
},
|
||||
{
|
||||
description: "should set request header for TYPE_DOCUMENT",
|
||||
expectingHeader: true,
|
||||
contentType: Ci.nsIContentPolicy.TYPE_DOCUMENT
|
||||
contentType: Ci.nsIContentPolicy.TYPE_DOCUMENT,
|
||||
},
|
||||
{
|
||||
description: "should set request header for TYPE_SUBDOCUMENT",
|
||||
expectingHeader: true,
|
||||
contentType: Ci.nsIContentPolicy.TYPE_SUBDOCUMENT
|
||||
contentType: Ci.nsIContentPolicy.TYPE_SUBDOCUMENT,
|
||||
},
|
||||
{
|
||||
description: "should not set request header for TYPE_IMG",
|
||||
expectingHeader: false,
|
||||
contentType: Ci.nsIContentPolicy.TYPE_IMG
|
||||
contentType: Ci.nsIContentPolicy.TYPE_IMG,
|
||||
},
|
||||
];
|
||||
|
||||
|
|
@ -46,23 +45,22 @@ function ChannelListener() {
|
|||
}
|
||||
|
||||
ChannelListener.prototype = {
|
||||
onStartRequest: function(request, context) { },
|
||||
onDataAvailable: function(request, context, stream, offset, count) {
|
||||
onStartRequest(request, context) { },
|
||||
onDataAvailable(request, context, stream, offset, count) {
|
||||
do_throw("Should not get any data!");
|
||||
},
|
||||
onStopRequest: function(request, context, status) {
|
||||
onStopRequest(request, context, status) {
|
||||
var upgrade_insecure_header = false;
|
||||
try {
|
||||
if (request.getRequestHeader("Upgrade-Insecure-Requests")) {
|
||||
upgrade_insecure_header = true;
|
||||
}
|
||||
}
|
||||
catch (e) {
|
||||
} catch (e) {
|
||||
// exception is thrown if header is not available on the request
|
||||
}
|
||||
// debug
|
||||
// dump("executing test: " + curTest.description);
|
||||
Assert.equal(upgrade_insecure_header, curTest.expectingHeader)
|
||||
Assert.equal(upgrade_insecure_header, curTest.expectingHeader);
|
||||
run_next_test();
|
||||
},
|
||||
};
|
||||
|
|
@ -71,7 +69,7 @@ function setupChannel(aContentType) {
|
|||
var chan = NetUtil.newChannel({
|
||||
uri: URL + testpath,
|
||||
loadUsingSystemPrincipal: true,
|
||||
contentPolicyType: aContentType
|
||||
contentPolicyType: aContentType,
|
||||
});
|
||||
chan.QueryInterface(Ci.nsIHttpChannel);
|
||||
chan.requestMethod = "GET";
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@
|
|||
|
||||
ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
|
||||
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
|
||||
ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||
|
||||
XPCOMUtils.defineLazyServiceGetter(this, "gScriptSecurityManager",
|
||||
"@mozilla.org/scriptsecuritymanager;1",
|
||||
|
|
@ -17,8 +18,7 @@ XPCOMUtils.defineLazyServiceGetter(this, "gContentSecurityManager",
|
|||
"@mozilla.org/contentsecuritymanager;1",
|
||||
"nsIContentSecurityManager");
|
||||
|
||||
var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
|
||||
prefs.setCharPref("dom.securecontext.whitelist", "example.net,example.org");
|
||||
Services.prefs.setCharPref("dom.securecontext.whitelist", "example.net,example.org");
|
||||
|
||||
add_task(async function test_isOriginPotentiallyTrustworthy() {
|
||||
for (let [uriSpec, expectedResult] of [
|
||||
|
|
@ -43,7 +43,7 @@ add_task(async function test_isOriginPotentiallyTrustworthy() {
|
|||
}
|
||||
// And now let's test whether .onion sites are properly treated when
|
||||
// whitelisted, see bug 1382359.
|
||||
prefs.setBoolPref("dom.securecontext.whitelist_onions", true);
|
||||
Services.prefs.setBoolPref("dom.securecontext.whitelist_onions", true);
|
||||
let uri = NetUtil.newURI("http://1234567890abcdef.onion/");
|
||||
let principal = gScriptSecurityManager.createCodebasePrincipal(uri, {});
|
||||
Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal),
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче