Bug 1770094 - Test. r=emilio,freddyb

Depends on D154518

Differential Revision: https://phabricator.services.mozilla.com/D154526

parser/htmlparser/tests/mochitest/file_base_csp_img.sjs

@@ -0,0 +1,18 @@
+function handleRequest(request, response) {
+  var hosts = getState("hosts");
+  hosts = hosts ? JSON.parse(hosts) : [];
+
+  if (request.queryString == "result") {
+    response.setHeader("Cache-Control", "no-cache", false);
+    response.setHeader("Content-Type", "text/json", false);
+    response.write(JSON.stringify(hosts));
+
+    setState("hosts", "[]");
+  } else {
+    response.setStatusLine("1.1", 302, "Found");
+    response.setHeader("Location", "blue.png", false);
+
+    hosts.push(request.host);
+    setState("hosts", JSON.stringify(hosts));
+  }
+}

parser/htmlparser/tests/mochitest/mochitest.ini

@@ -104,6 +104,15 @@ support-files =
   html5lib_tree_construction/scripted/ark.dat
   blue.png
 
+[test_base_csp_img.html]
+support-files =
+  blue.png
+  file_base_csp_img.sjs
+[test_base_header_csp_img.html]
+support-files =
+  blue.png
+  file_base_csp_img.sjs
+  test_base_header_csp_img.html^headers^
 [test_bug102699.html]
 [test_bug174351.html]
 [test_bug213517.html]

parser/htmlparser/tests/mochitest/test_base_csp_img.html

@@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Base with base-uri CSP</title>
+  <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+
+  <!-- Set CSP -->
+  <meta http-equiv="Content-Security-Policy" content="base-uri 'self';">
+
+  <!-- Base should be ignored -->
+  <base href="http://example.org/">
+</head>
+<body>
+
+<img src="/tests/parser/htmlparser/tests/mochitest/file_base_csp_img.sjs?image" width=10 height=10>
+
+<script>
+add_task(async function() {
+  let response = await fetch(
+    "http://mochi.test:8888/tests/parser/htmlparser/tests/mochitest/file_base_csp_img.sjs?result"
+  );
+  let hosts = await response.json();
+
+  is(hosts.length, 1, "One host");
+  is(hosts[0], "mochi.test", "Host was not influenced by base");
+
+  info("finished");
+});
+</script>
+
+</body>
+</html>
+

parser/htmlparser/tests/mochitest/test_base_header_csp_img.html

@@ -0,0 +1,32 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Base with base-uri CSP header</title>
+  <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+
+  <!-- Base should be ignored -->
+  <base href="http://example.org/">
+</head>
+<body>
+
+<img src="/tests/parser/htmlparser/tests/mochitest/file_base_csp_img.sjs?image" width=10 height=10>
+
+<script>
+add_task(async function() {
+  let response = await fetch(
+    "http://mochi.test:8888/tests/parser/htmlparser/tests/mochitest/file_base_csp_img.sjs?result"
+  );
+  let hosts = await response.json();
+
+  is(hosts.length, 1, "One host");
+  is(hosts[0], "mochi.test", "Host was not influenced by base");
+
+  info("finished");
+});
+</script>
+
+</body>
+</html>
+

parser/htmlparser/tests/mochitest/test_base_header_csp_img.html^headers^

@@ -0,0 +1 @@
+Content-Security-Policy: base-uri 'self';