зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1122236 - Test CSPs block-all-mixed-content does not affect UI (r=tanvi)
This commit is contained in:
Родитель
a35cb7baf1
Коммит
74823ec20e
|
@ -120,6 +120,8 @@ support-files =
|
|||
xul_tooltiptext.xhtml
|
||||
file_bug1045809_1.html
|
||||
file_bug1045809_2.html
|
||||
file_csp_block_all_mixedcontent.html
|
||||
file_csp_block_all_mixedcontent.js
|
||||
|
||||
[browser_URLBarSetURI.js]
|
||||
skip-if = (os == "linux" || os == "mac") && debug # bug 970052, bug 970053
|
||||
|
@ -555,3 +557,5 @@ skip-if = !e10s || !crashreporter
|
|||
skip-if = !e10s || !crashreporter
|
||||
[browser_aboutTabCrashed_withoutDump.js]
|
||||
skip-if = !e10s
|
||||
[browser_csp_block_all_mixedcontent.js]
|
||||
tags = mcb
|
||||
|
|
|
@ -0,0 +1,55 @@
|
|||
/*
|
||||
* Description of the Test:
|
||||
* We load an https page which uses a CSP including block-all-mixed-content.
|
||||
* The page tries to load a script over http. We make sure the UI is not
|
||||
* influenced when blocking the mixed content. In particular the page
|
||||
* should still appear fully encrypted with a green lock.
|
||||
*/
|
||||
|
||||
const PRE_PATH = "https://example.com/browser/browser/base/content/test/general/";
|
||||
var gTestBrowser = null;
|
||||
|
||||
//------------------------------------------------------
|
||||
function cleanUpAfterTests() {
|
||||
gBrowser.removeCurrentTab();
|
||||
window.focus();
|
||||
finish();
|
||||
}
|
||||
|
||||
//------------------------------------------------------
|
||||
function verifyUInotDegraded() {
|
||||
// make sure that not mixed content is loaded and also not blocked
|
||||
assertMixedContentBlockingState(
|
||||
gTestBrowser,
|
||||
{ activeLoaded: false,
|
||||
activeBlocked: false,
|
||||
passiveLoaded: false
|
||||
}
|
||||
);
|
||||
// clean up and finish test
|
||||
cleanUpAfterTests();
|
||||
}
|
||||
|
||||
//------------------------------------------------------
|
||||
function runTests() {
|
||||
var newTab = gBrowser.addTab();
|
||||
gBrowser.selectedTab = newTab;
|
||||
gTestBrowser = gBrowser.selectedBrowser;
|
||||
newTab.linkedBrowser.stop();
|
||||
|
||||
// Starting the test
|
||||
BrowserTestUtils.browserLoaded(gTestBrowser).then(verifyUInotDegraded);
|
||||
var url = PRE_PATH + "file_csp_block_all_mixedcontent.html";
|
||||
gTestBrowser.loadURI(url);
|
||||
}
|
||||
|
||||
//------------------------------------------------------
|
||||
function test() {
|
||||
// Performing async calls, e.g. 'onload', we have to wait till all of them finished
|
||||
waitForExplicitFinish();
|
||||
|
||||
SpecialPowers.pushPrefEnv(
|
||||
{ 'set': [["security.mixed_content.block_active_content", true]] },
|
||||
function() { runTests(); }
|
||||
);
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html><head><meta charset="utf-8">
|
||||
<title>Bug 1122236 - CSP: Implement block-all-mixed-content</title>
|
||||
</head>
|
||||
<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
|
||||
<body>
|
||||
<script src="http://example.com/browser/browser/base/content/test/general/file_csp_block_all_mixedcontent.js"/>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,3 @@
|
|||
// empty script file just used for testing Bug 1122236.
|
||||
// Making sure the UI is not degraded when blocking
|
||||
// mixed content using the CSP directive: block-all-mixed-content.
|
Загрузка…
Ссылка в новой задаче