зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1428793: Test block insecure redirects to data: URIs. r=smaug
This commit is contained in:
Родитель
47e37d6df2
Коммит
d8e2caf90a
|
@ -0,0 +1,25 @@
|
|||
"use strict";
|
||||
|
||||
let SCRIPT_DATA = "alert('this alert should be blocked');";
|
||||
let WORKER_DATA = "onmessage = function(event) { postMessage('worker-loaded'); }";
|
||||
|
||||
function handleRequest(request, response)
|
||||
{
|
||||
const query = request.queryString;
|
||||
|
||||
response.setHeader("Cache-Control", "no-cache", false);
|
||||
response.setStatusLine("1.1", 302, "Found");
|
||||
|
||||
if (query === "script") {
|
||||
response.setHeader("Location", "data:text/html," + escape(SCRIPT_DATA), false);
|
||||
return;
|
||||
}
|
||||
|
||||
if (query === "worker") {
|
||||
response.setHeader("Location", "data:text/html," + escape(WORKER_DATA), false);
|
||||
return;
|
||||
}
|
||||
|
||||
// we should never get here; just in case return something unexpected
|
||||
response.write("do'h");
|
||||
}
|
|
@ -7,6 +7,7 @@ support-files =
|
|||
file_block_toplevel_data_navigation2.html
|
||||
file_block_toplevel_data_navigation3.html
|
||||
file_block_toplevel_data_redirect.sjs
|
||||
file_block_subresource_redir_to_data.sjs
|
||||
|
||||
[test_contentpolicytype_targeted_link_iframe.html]
|
||||
[test_nosniff.html]
|
||||
|
@ -19,3 +20,4 @@ skip-if = toolkit == 'android' # intermittent failure
|
|||
skip-if = toolkit == 'android'
|
||||
[test_allow_opening_data_json.html]
|
||||
skip-if = toolkit == 'android'
|
||||
[test_block_subresource_redir_to_data.html]
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Bug 1428793: Block insecure redirects to data: URIs</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<script id="testScriptRedirectToData"></script>
|
||||
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
const NUM_TESTS = 2;
|
||||
|
||||
var testCounter = 0;
|
||||
function checkFinish() {
|
||||
testCounter++;
|
||||
if (testCounter === NUM_TESTS) {
|
||||
SimpleTest.finish();
|
||||
}
|
||||
}
|
||||
|
||||
// --- test regular scripts
|
||||
let testScriptRedirectToData = document.getElementById("testScriptRedirectToData");
|
||||
testScriptRedirectToData.onerror = function() {
|
||||
ok(true, "script that redirects to data: URI should not load");
|
||||
checkFinish();
|
||||
}
|
||||
testScriptRedirectToData.onload = function() {
|
||||
ok(false, "script that redirects to data: URI should not load");
|
||||
checkFinish();
|
||||
}
|
||||
testScriptRedirectToData.src = "file_block_subresource_redir_to_data.sjs?script";
|
||||
|
||||
// --- test workers
|
||||
let worker = new Worker("file_block_subresource_redir_to_data.sjs?worker");
|
||||
worker.onerror = function() {
|
||||
// please note that workers need to be same origin, hence the data: URI
|
||||
// redirect is blocked by worker code and not the content security manager!
|
||||
ok(true, "worker script that redirects to data: URI should not load");
|
||||
checkFinish();
|
||||
}
|
||||
worker.onmessage = function() {
|
||||
ok(false, "worker script that redirects to data: URI should not load");
|
||||
checkFinish();
|
||||
};
|
||||
worker.postMessage("dummy");
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
Загрузка…
Ссылка в новой задаче