mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out changeset 0274289bd7b8 (bug 1587633) for build bustage on a CLOSED TREE 

--HG--
rename : toolkit/components/extensions/test/xpcshell/data/file_csp.html => toolkit/components/extensions/test/mochitest/file_csp.html
rename : toolkit/components/extensions/test/xpcshell/data/file_csp.html^headers^ => toolkit/components/extensions/test/mochitest/file_csp.html^headers^
This commit is contained in:
Coroiu Cristina 2019-10-10 16:47:09 +03:00
Родитель 6cecf45003
Коммит a566f56c8b
7 изменённых файлов: 110 добавлений и 166 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

14
toolkit/components/extensions/test/mochitest/file_csp.html Normal file
Просмотреть файл

@ -0,0 +1,14 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
</head>
<body>
<div id="test">Sample text</div>
<img id="bad-image" src="http://example.org/tests/toolkit/components/extensions/test/mochitest/file_image_bad.png" />
<script id="bad-script" type="text/javascript" src="http://example.org/tests/toolkit/components/extensions/test/mochitest/file_script_bad.js"></script>
</body>
</html>

0
toolkit/components/extensions/test/xpcshell/data/file_csp.html^headers^ → toolkit/components/extensions/test/mochitest/file_csp.html^headers^
Просмотреть файл

2
toolkit/components/extensions/test/mochitest/mochitest-common.ini
Просмотреть файл

@ -135,7 +135,7 @@ skip-if = os == 'android' || verify # bug 1489771
# (it has only been enabled for apps and privileged code). See Bug 1119462 for additional info.
skip-if = os == 'android'
[test_ext_web_accessible_resources.html]
skip-if = os == 'android' && debug # bug 1397615
skip-if = fission || (os == 'android' && debug) # bug 1397615
[test_ext_web_accessible_incognito.html]
skip-if = (fission && debug) || os == 'android' # bug 1397615 and bug 1513544
[test_ext_webnavigation.html]

95
toolkit/components/extensions/test/mochitest/test_ext_web_accessible_resources.html
Просмотреть файл

@ -185,6 +185,101 @@ add_task(async function test_web_accessible_resources() {
await extension.unload();
});
add_task(async function test_web_accessible_resources_csp() {
function background() {
browser.runtime.onMessage.addListener((msg, sender) => {
if (msg.name === "image-loading") {
browser.test.assertTrue(msg.success, `Image was ${msg.expectedAction}`);
browser.test.sendMessage(`image-${msg.expectedAction}`);
} else {
browser.test.sendMessage(msg);
}
});
browser.test.sendMessage("background-ready");
}
function content() {
window.addEventListener("message", function rcv(event) {
browser.runtime.sendMessage("script-ran");
window.removeEventListener("message", rcv);
});
testImageLoading(browser.extension.getURL("image.png"), "loaded");
let testScriptElement = document.createElement("script");
// Set the src via wrappedJSObject so the load is triggered with the
// content page's principal rather than ours.
testScriptElement.wrappedJSObject.setAttribute("src", browser.extension.getURL("test_script.js"));
document.head.appendChild(testScriptElement);
browser.runtime.sendMessage("script-loaded");
}
function testScript() {
window.postMessage("test-script-loaded", "*");
}
let extension = ExtensionTestUtils.loadExtension({
manifest: {
"content_scripts": [{
"matches": ["http://example.com/*/file_csp.html"],
"run_at": "document_end",
"js": ["content_script_helper.js", "content_script.js"],
}],
"web_accessible_resources": [
"image.png",
"test_script.js",
],
},
background,
files: {
"content_script_helper.js": `${testImageLoading}`,
"content_script.js": content,
"test_script.js": testScript,
"image.png": IMAGE_ARRAYBUFFER,
},
});
// This is used to watch the blocked data bounce off CSP.
function examiner() {
SpecialPowers.addObserver(this, "csp-on-violate-policy");
}
let cspEventCount = 0;
examiner.prototype = {
observe: function(subject, topic, data) {
cspEventCount++;
let spec = SpecialPowers.wrap(subject).QueryInterface(SpecialPowers.Ci.nsIURI).spec;
ok(spec.includes("file_image_bad.png") || spec.includes("file_script_bad.js"),
`Expected file: ${spec} rejected by CSP`);
},
// We must eventually call this to remove the listener,
// or mochitests might get borked.
remove: function() {
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
},
};
let observer = new examiner();
await Promise.all([extension.startup(), extension.awaitMessage("background-ready")]);
let win = window.open("http://example.com/tests/toolkit/components/extensions/test/mochitest/file_csp.html");
await Promise.all([
extension.awaitMessage("image-loaded"),
extension.awaitMessage("script-loaded"),
extension.awaitMessage("script-ran"),
]);
is(cspEventCount, 2, "Two items were rejected by CSP");
win.close();
observer.remove();
await extension.unload();
});
add_task(async function test_web_accessible_resources_mixed_content() {
function background() {
browser.runtime.onMessage.addListener(msg => {

14
toolkit/components/extensions/test/xpcshell/data/file_csp.html
Просмотреть файл

@ -1,14 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
</head>
<body>
<div id="test">Sample text</div>
<img id="bad-image" src="http://example.org/data/file_image_bad.png">
<script id="bad-script" src="http://example.org/data/file_script_bad.js"></script>
</body>
</html>

150
toolkit/components/extensions/test/xpcshell/test_ext_web_accessible_resources.js
Просмотреть файл

@ -1,150 +0,0 @@
"use strict";
const server = createHttpServer({ hosts: ["example.com", "example.org"] });
server.registerDirectory("/data/", do_get_file("data"));
let image = atob(
"iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAA" +
"ACnej3aAAAAAXRSTlMAQObYZgAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII="
);
const IMAGE_ARRAYBUFFER = Uint8Array.from(image, byte => byte.charCodeAt(0))
.buffer;
async function testImageLoading(src, expectedAction) {
let imageLoadingPromise = new Promise((resolve, reject) => {
let cleanupListeners;
let testImage = document.createElement("img");
// Set the src via wrappedJSObject so the load is triggered with the
// content page's principal rather than ours.
testImage.wrappedJSObject.setAttribute("src", src);
let loadListener = () => {
cleanupListeners();
resolve(expectedAction === "loaded");
};
let errorListener = () => {
cleanupListeners();
resolve(expectedAction === "blocked");
};
cleanupListeners = () => {
testImage.removeEventListener("load", loadListener);
testImage.removeEventListener("error", errorListener);
};
testImage.addEventListener("load", loadListener);
testImage.addEventListener("error", errorListener);
document.body.appendChild(testImage);
});
let success = await imageLoadingPromise;
browser.runtime.sendMessage({
name: "image-loading",
expectedAction,
success,
});
}
add_task(async function test_web_accessible_resources_csp() {
function background() {
browser.runtime.onMessage.addListener((msg, sender) => {
if (msg.name === "image-loading") {
browser.test.assertTrue(msg.success, `Image was ${msg.expectedAction}`);
browser.test.sendMessage(`image-${msg.expectedAction}`);
} else {
browser.test.sendMessage(msg);
}
});
browser.test.sendMessage("background-ready");
}
function content() {
window.addEventListener("message", function rcv(event) {
browser.runtime.sendMessage("script-ran");
window.removeEventListener("message", rcv);
});
testImageLoading(browser.extension.getURL("image.png"), "loaded");
let testScriptElement = document.createElement("script");
// Set the src via wrappedJSObject so the load is triggered with the
// content page's principal rather than ours.
testScriptElement.wrappedJSObject.setAttribute(
"src",
browser.extension.getURL("test_script.js")
);
document.head.appendChild(testScriptElement);
browser.runtime.sendMessage("script-loaded");
}
function testScript() {
window.postMessage("test-script-loaded", "*");
}
let extension = ExtensionTestUtils.loadExtension({
manifest: {
content_scripts: [
{
matches: ["http://example.com/*/file_csp.html"],
run_at: "document_end",
js: ["content_script_helper.js", "content_script.js"],
},
],
web_accessible_resources: ["image.png", "test_script.js"],
},
background,
files: {
"content_script_helper.js": `${testImageLoading}`,
"content_script.js": content,
"test_script.js": testScript,
"image.png": IMAGE_ARRAYBUFFER,
},
});
await Promise.all([
extension.startup(),
extension.awaitMessage("background-ready"),
]);
let page = await ExtensionTestUtils.loadContentPage(
`http://example.com/data/file_sample.html`
);
await page.spawn(null, () => {
let { Services } = ChromeUtils.import(
"resource://gre/modules/Services.jsm"
);
this.obs = {
events: [],
observe(subject, topic, data) {
this.events.push(subject.QueryInterface(Ci.nsIURI).spec);
},
done() {
Services.obs.removeObserver(this, "csp-on-violate-policy");
return this.events;
},
};
Services.obs.addObserver(this.obs, "csp-on-violate-policy");
content.location.href = "http://example.com/data/file_csp.html";
});
await Promise.all([
extension.awaitMessage("image-loaded"),
extension.awaitMessage("script-loaded"),
extension.awaitMessage("script-ran"),
]);
let events = await page.spawn(null, () => this.obs.done());
equal(events.length, 2, "Two items were rejected by CSP");
for (let url of events) {
ok(
url.includes("file_image_bad.png") || url.includes("file_script_bad.js"),
`Expected file: ${url} rejected by CSP`
);
}
await page.close();
await extension.unload();
});

1
toolkit/components/extensions/test/xpcshell/xpcshell-content.ini
Просмотреть файл

@ -12,4 +12,3 @@ skip-if = (os == "android" && debug) || (os == "win" && debug) # Windows: Bug 14
[test_ext_contexts_gc.js]
[test_ext_adoption_with_xrays.js]
[test_ext_shadowdom.js]
[test_ext_web_accessible_resources.js]