gecko-dev/dom/security/test/csp
Frederik Braun 29efcb86ac Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz
MozReview-Commit-ID: EKmYoZbap25
2016-11-28 21:56:55 -05:00
..
browser.ini Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan 2016-04-07 14:13:09 -07:00
browser_manifest-src-override-default-src.js Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan 2016-04-07 14:13:09 -07:00
browser_test_web_manifest.js Bug 1258005 - Remove setTimeout to avoid intermittent issue. r=bkelly 2016-04-12 00:39:00 +02:00
browser_test_web_manifest_mixed_content.js Bug 1250048 - CSP manifest-src doesn't override default-src. r=ckerschb,bkelly,ehsan 2016-04-07 14:13:09 -07:00
file_CSP.css
file_CSP.sjs
file_allow_https_schemes.html
file_base_uri_server.sjs Bug 1263286 - Update csp base-uri tests. r=bz 2016-04-26 12:38:06 +02:00
file_blob_data_schemes.html
file_block_all_mcb.sjs Bug 1297051 - Test CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:20 +02:00
file_block_all_mixed_content_frame_navigation1.html Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi) 2016-03-15 16:08:07 -07:00
file_block_all_mixed_content_frame_navigation2.html Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi) 2016-03-15 16:08:07 -07:00
file_bug663567.xsl
file_bug663567_allows.xml
file_bug663567_allows.xml^headers^
file_bug663567_blocks.xml
file_bug663567_blocks.xml^headers^
file_bug802872.html
file_bug802872.html^headers^
file_bug802872.js
file_bug802872.sjs
file_bug836922_npolicies.html Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz) 2016-01-14 12:37:15 -08:00
file_bug836922_npolicies.html^headers^
file_bug836922_npolicies_ro_violation.sjs
file_bug836922_npolicies_violation.sjs
file_bug885433_allows.html
file_bug885433_allows.html^headers^
file_bug885433_blocks.html
file_bug885433_blocks.html^headers^
file_bug886164.html
file_bug886164.html^headers^
file_bug886164_2.html
file_bug886164_2.html^headers^
file_bug886164_3.html
file_bug886164_3.html^headers^
file_bug886164_4.html
file_bug886164_4.html^headers^
file_bug886164_5.html
file_bug886164_5.html^headers^
file_bug886164_6.html
file_bug886164_6.html^headers^
file_bug888172.html
file_bug888172.sjs
file_bug909029_none.html
file_bug909029_none.html^headers^
file_bug909029_star.html
file_bug909029_star.html^headers^
file_bug910139.sjs
file_bug910139.xml
file_bug910139.xsl
file_bug941404.html
file_bug941404_xhr.html
file_bug941404_xhr.html^headers^
file_bug1229639.html Bug 1229639 - Part 2: Test case. r=ckerschb 2016-09-06 18:30:12 +08:00
file_bug1229639.html^headers^ Bug 1229639 - Part 2: Test case. r=ckerschb 2016-09-06 18:30:12 +08:00
file_bug1312272.html Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug 2016-11-04 22:54:19 -04:00
file_bug1312272.html^headers^ Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug 2016-11-04 22:54:19 -04:00
file_bug1312272.js Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug 2016-11-04 22:54:19 -04:00
file_child-src_iframe.html Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_child-src_inner_frame.html Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_child-src_service_worker.html Bug 1238954 P2 Fix csp service worker tests to register and unregister separate scopes. r=ehsan 2016-02-09 19:33:40 -08:00
file_child-src_service_worker.js Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_child-src_shared_worker-redirect.html Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
file_child-src_shared_worker.html Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
file_child-src_shared_worker.js Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_child-src_shared_worker_data.html Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
file_child-src_worker-redirect.html Bug 1251518. Fix js::ErrorReportToString to make a bit more sense, and change worker code to not use it anyway, so it matches the mainthread code. r=bholley,terrence 2016-03-01 13:49:21 -05:00
file_child-src_worker.html Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
file_child-src_worker.js Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_child-src_worker_data.html Bug 1218433 - Use AsyncOpen2 in dom/workers/ScriptLoader.cpp - part 2 - WPT, r=sicking, r=Ms2ger 2015-11-16 22:41:54 +00:00
file_child_worker.js Bug 959388 - Add csp worker test cases. r=kmckinley 2016-06-30 12:32:03 +08:00
file_child_worker.js^headers^ Bug 959388 - Add csp worker test cases. r=kmckinley 2016-06-30 12:32:03 +08:00
file_connect-src-fetch.html
file_connect-src.html
file_data-uri_blocked.html Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb 2016-09-12 14:30:43 -07:00
file_data-uri_blocked.html^headers^ Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb 2016-09-12 14:30:43 -07:00
file_doccomment_meta.html Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
file_docwrite_meta.css Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
file_docwrite_meta.html Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
file_docwrite_meta.js Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
file_dual_header_testserver.sjs
file_evalscript_main.html
file_evalscript_main.html^headers^
file_evalscript_main.js
file_evalscript_main_allowed.html
file_evalscript_main_allowed.html^headers^
file_evalscript_main_allowed.js
file_fontloader.sjs Bug 1195172 - Test Fonts governed by CSP (r=bz) 2016-03-01 13:06:26 -08:00
file_fontloader.woff Bug 1195172 - Test Fonts governed by CSP (r=bz) 2016-03-01 13:06:26 -08:00
file_form-action.html
file_form_action_server.sjs Bug 1251043 - Test form submission blocked by CSP. r=francois 2016-03-23 13:38:05 -07:00
file_frameancestors.sjs
file_frameancestors_main.html
file_frameancestors_main.js
file_hash_source.html
file_hash_source.html^headers^
file_iframe_sandbox_document_write.html Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 2016-06-28 14:03:45 -07:00
file_ignore_unsafe_inline.html
file_ignore_unsafe_inline_multiple_policies_server.sjs Bug 1198422 - CSP: Test fallback for nonce-src and hash-src (r=devitz) 2015-08-27 09:02:32 -07:00
file_inlinescript.html Bug 1173708 - Fix intermittent test_inlinescript error. r=dveditz 2015-07-20 11:25:24 -07:00
file_inlinestyle_main.html
file_inlinestyle_main.html^headers^
file_inlinestyle_main_allowed.html
file_inlinestyle_main_allowed.html^headers^
file_invalid_source_expression.html
file_leading_wildcard.html
file_main.html
file_main.html^headers^ Bug 1223647: CSP erroneously inherited into dedicated workers. r=ckerschb 2015-11-10 21:16:12 -08:00
file_main.js Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes 2016-07-12 07:26:37 +02:00
file_main_worker.js Bug 959388 - Add csp worker test cases. r=kmckinley 2016-06-30 12:32:03 +08:00
file_main_worker.js^headers^ Bug 959388 - Add csp worker test cases. r=kmckinley 2016-06-30 12:32:03 +08:00
file_meta_element.html Bug 663570 - Test 1: baseline tests (r=sicking) 2015-11-14 19:29:45 -08:00
file_meta_header_dual.sjs Bug 663570 - Test 2: meta and header dual test (r=sicking) 2015-11-14 19:29:58 -08:00
file_meta_whitespace_skipping.html Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
file_multi_policy_injection_bypass.html
file_multi_policy_injection_bypass.html^headers^
file_multi_policy_injection_bypass_2.html
file_multi_policy_injection_bypass_2.html^headers^
file_multipart_testserver.sjs Bug 1223743 - Test CSP enforcement for multipart channels (r=sicking) 2015-12-14 10:06:47 -08:00
file_nonce_source.html
file_nonce_source.html^headers^
file_null_baseuri.html
file_path_matching.html
file_path_matching.js
file_path_matching_incl_query.html
file_path_matching_redirect.html
file_path_matching_redirect_server.sjs
file_ping.html Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway 2016-06-24 15:25:11 +02:00
file_policyuri_regression_from_multipolicy.html
file_policyuri_regression_from_multipolicy.html^headers^
file_policyuri_regression_from_multipolicy_policy
file_redirect_content.sjs
file_redirect_report.sjs
file_redirect_worker.sjs Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
file_redirects_main.html Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
file_redirects_page.sjs Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
file_redirects_resource.sjs Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
file_referrerdirective.html
file_report.html
file_report_chromescript.js Bug 1222105 - Make test_report.html and test_blocked_uri_in_reports.html work with e10s. r=ckerschb 2015-11-06 16:03:03 -08:00
file_report_for_import.css Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE 2015-09-21 09:08:34 -07:00
file_report_for_import.html Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE 2015-09-21 09:08:34 -07:00
file_report_for_import_server.sjs Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE 2015-09-21 09:08:34 -07:00
file_report_uri_missing_in_report_only_header.html
file_report_uri_missing_in_report_only_header.html^headers^
file_require_sri_meta.js Bug 1277557 - Test require-sri-for in meta tag r=francois 2016-07-08 07:26:34 +02:00
file_require_sri_meta.sjs Bug 1277557 - Test require-sri-for in meta tag r=francois 2016-07-08 07:26:34 +02:00
file_sandbox_1.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_2.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_3.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_4.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_5.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_6.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_7.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_8.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_9.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_10.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_11.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_12.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_fail.js Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_sandbox_pass.js Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
file_scheme_relative_sources.js
file_scheme_relative_sources.sjs
file_self_none_as_hostname_confusion.html
file_self_none_as_hostname_confusion.html^headers^
file_sendbeacon.html Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes 2016-07-12 07:26:37 +02:00
file_service_worker.html Bug 1208559 - Tests. r=bholley 2015-10-18 19:37:40 -07:00
file_service_worker.js Bug 1208559 - Tests. r=bholley 2015-10-18 19:37:40 -07:00
file_shouldprocess.html Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb 2016-01-27 01:35:53 +08:00
file_strict_dynamic.js Bug 1299483 - CSP: Implement 'strict-dynamic', mochitests. r=dveditz,freddyb 2016-11-08 13:33:27 +01:00
file_strict_dynamic_default_src.html Bug 1299483 - CSP: Implement 'strict-dynamic', test default-src. r=dveditz 2016-11-08 13:34:36 +01:00
file_strict_dynamic_default_src.js Bug 1299483 - CSP: Implement 'strict-dynamic', test default-src. r=dveditz 2016-11-08 13:34:36 +01:00
file_strict_dynamic_js_url.html Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz 2016-11-28 21:56:55 -05:00
file_strict_dynamic_non_parser_inserted.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
file_strict_dynamic_non_parser_inserted_inline.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
file_strict_dynamic_parser_inserted_doc_write.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
file_strict_dynamic_parser_inserted_doc_write_correct_nonce.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
file_strict_dynamic_script_events.html Bug 1316826 - Test case for strict-dynamic blocks inline event handlers. r=dveditz 2016-11-21 15:13:29 -05:00
file_strict_dynamic_script_events_xbl.html Bug 1316826 - Test case for strict-dynamic blocks inline event handlers. r=dveditz 2016-11-21 15:13:29 -05:00
file_strict_dynamic_script_extern.html Bug 1299483 - CSP: Implement 'strict-dynamic', mochitests. r=dveditz,freddyb 2016-11-08 13:33:27 +01:00
file_strict_dynamic_script_inline.html Bug 1299483 - CSP: Implement 'strict-dynamic', mochitests. r=dveditz,freddyb 2016-11-08 13:33:27 +01:00
file_strict_dynamic_unsafe_eval.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
file_subframe_run_js_if_allowed.html
file_subframe_run_js_if_allowed.html^headers^
file_testserver.sjs Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 2016-06-28 14:03:45 -07:00
file_upgrade_insecure.html Bug 1139297 - Implement CSP upgrade-insecure-requests directive - simple upgrade tests (r=tanvi,sstamm) 2015-07-10 09:16:32 -07:00
file_upgrade_insecure_cors.html Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors tests (r=smaug) 2015-07-10 09:17:17 -07:00
file_upgrade_insecure_cors_server.sjs Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors tests (r=smaug) 2015-07-10 09:17:17 -07:00
file_upgrade_insecure_docwrite_iframe.sjs Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi 2016-07-20 09:26:16 +02:00
file_upgrade_insecure_meta.html Bug 663570 - Test 3: update upgrade-insecure-requests tests (r=sicking) 2015-11-14 19:30:08 -08:00
file_upgrade_insecure_referrer.sjs Bug 663570 - Test 4: update referrer tests (r=sicking) 2015-11-14 19:30:16 -08:00
file_upgrade_insecure_referrer_server.sjs Bug 1139297 - Implement CSP upgrade-insecure-requests directive - tests referrer (r=sstamm) 2015-07-10 09:17:02 -07:00
file_upgrade_insecure_reporting.html Bug 1139297 - Implement CSP upgrade-insecure-requests directive - reports (r=sstamm) 2015-07-10 09:16:46 -07:00
file_upgrade_insecure_reporting_server.sjs Bug 1139297 - Implement CSP upgrade-insecure-requests directive - reports (r=sstamm) 2015-07-10 09:16:46 -07:00
file_upgrade_insecure_server.sjs Bug 1139297 - Implement CSP upgrade-insecure-requests directive - simple upgrade tests (r=tanvi,sstamm) 2015-07-10 09:16:32 -07:00
file_upgrade_insecure_wsh.py Bug 1139297 - Implement CSP upgrade-insecure-requests directive - simple upgrade tests (r=tanvi,sstamm) 2015-07-10 09:16:32 -07:00
file_web_manifest.html
file_web_manifest.json
file_web_manifest.json^headers^
file_web_manifest_https.html
file_web_manifest_https.json
file_web_manifest_mixed_content.html
file_web_manifest_remote.html
mochitest.ini Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz 2016-11-28 21:56:55 -05:00
referrerdirective.sjs
test_301_redirect.html
test_302_redirect.html
test_303_redirect.html
test_307_redirect.html
test_CSP.html Bug 959388 - Add csp worker test cases. r=kmckinley 2016-06-30 12:32:03 +08:00
test_allow_https_schemes.html Bug 1285003 - Test insecure http port :80 allows secure https port :443. r=dveditz 2016-07-22 11:32:21 +02:00
test_base-uri.html Bug 1263286 - Update csp base-uri tests. r=bz 2016-04-26 12:38:06 +02:00
test_blob_data_schemes.html
test_block_all_mixed_content.html Bug 1297051 - Test CSPRO should not block mixed content. r=dveditz 2016-08-24 09:24:20 +02:00
test_block_all_mixed_content_frame_navigation.html Bug 1122236 - CSP: block-all-mixed-content - test frame navigation (r=tanvi) 2016-03-15 16:08:07 -07:00
test_blocked_uri_in_reports.html Bug 1222105 - Make test_report.html and test_blocked_uri_in_reports.html work with e10s. r=ckerschb 2015-11-06 16:03:03 -08:00
test_bug663567.html
test_bug802872.html
test_bug836922_npolicies.html Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz) 2016-01-14 12:37:15 -08:00
test_bug885433.html
test_bug886164.html
test_bug888172.html
test_bug909029.html
test_bug910139.html
test_bug941404.html
test_bug1229639.html Bug 1229639 - Part 2: Test case. r=ckerschb 2016-09-06 18:30:12 +08:00
test_bug1242019.html Bug 1242019 - Truncate data URIs in CSP log messages. r=ckerschb 2016-09-12 14:30:43 -07:00
test_bug1312272.html Bug 1312272 - Test that marquee event handlers are subject to CSP. r=smaug 2016-11-04 22:54:19 -04:00
test_child-src_iframe.html Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
test_child-src_worker-redirect.html Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
test_child-src_worker.html Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly 2016-03-01 09:16:38 -05:00
test_child-src_worker_data.html Bug 1045891 - Tests for child-src r=ckerschb 2015-11-09 16:42:26 +09:00
test_connect-src.html
test_docwrite_meta.html Bug 663570 - Test 5: doc.write(meta csp) (r=sicking) 2015-11-14 19:30:24 -08:00
test_dual_header.html
test_evalscript.html
test_fontloader.html Bug 1195172 - Test Fonts governed by CSP (r=bz) 2016-03-01 13:06:26 -08:00
test_form-action.html
test_form_action_blocks_url.html Bug 1251043 - Test form submission blocked by CSP. r=francois 2016-03-23 13:38:05 -07:00
test_frameancestors.html
test_hash_source.html
test_iframe_sandbox.html Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 2016-06-28 14:03:45 -07:00
test_iframe_sandbox_top_1.html Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 2016-06-28 14:03:45 -07:00
test_iframe_sandbox_top_1.html^headers^ Bug 671389 - Tests for CSP sandbox directive. r=grobinson, r=smaug 2016-06-28 14:03:45 -07:00
test_ignore_unsafe_inline.html Bug 671389 - Implement CSP sandbox directive. r=ckerschb r=smaug 2016-06-29 07:48:44 -07:00
test_inlinescript.html Bug 1173708 - Fix intermittent test_inlinescript error. r=dveditz 2015-07-20 11:25:24 -07:00
test_inlinestyle.html
test_invalid_source_expression.html
test_leading_wildcard.html
test_meta_element.html Bug 663570 - Test 1: baseline tests (r=sicking) 2015-11-14 19:29:45 -08:00
test_meta_header_dual.html Bug 663570 - Test 2: meta and header dual test (r=sicking) 2015-11-14 19:29:58 -08:00
test_meta_whitespace_skipping.html Bug 1261634 - Tests for whitespace skipping within meta csp. r=dveditz 2016-04-21 21:19:50 +02:00
test_multi_policy_injection_bypass.html
test_multipartchannel.html Bug 1223743 - Test CSP enforcement for multipart channels (r=sicking) 2015-12-14 10:06:47 -08:00
test_nonce_source.html
test_null_baseuri.html
test_path_matching.html
test_path_matching_redirect.html
test_ping.html Bug 1100181 - CSP: Enforce connect-src when submitting pings. r=arroway 2016-06-24 15:25:11 +02:00
test_policyuri_regression_from_multipolicy.html
test_redirects.html Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
test_referrerdirective.html Bug 1317115 turn off HSTS priming to suppress perma-orange a=test-only 2016-11-15 10:52:45 +09:00
test_report.html Backed out changeset 9c1069e2a42e (bug 1236222) for failing xpcshell test test_csp_reports.js. r=backout 2016-11-09 11:31:38 +01:00
test_report_for_import.html Bug 1208946 - Update tests for URI stripping in CSP reports (r=dveditz) 2016-01-14 12:37:15 -08:00
test_report_uri_missing_in_report_only_header.html
test_require_sri_meta.html Bug 1277557 - Test require-sri-for in meta tag r=francois 2016-07-08 07:26:34 +02:00
test_sandbox.html Bug 671389 - Extend CSP tests for iframe sandbox with CSP sandbox directive tests r=grobinson 2016-06-28 14:06:06 -07:00
test_scheme_relative_sources.html
test_self_none_as_hostname_confusion.html
test_sendbeacon.html Bug 1234813 - Tests for: sendBeacon should not throw if blocked by Content Policy. r=barnes 2016-07-12 07:26:37 +02:00
test_service_worker.html Bug 1251875 - Part 1: Remove the dom.serviceWorkers.interception.enabled pref; r=bkelly 2016-03-01 09:16:38 -05:00
test_shouldprocess.html Bug 908933 - Part2 - CSP tests: ShouldProcess should block TYPE_OBJECT. r=ckerschb 2016-01-27 01:35:53 +08:00
test_strict_dynamic.html Bug 1316826 - Test for JS URLs and strict-dynamic. r=dveditz 2016-11-28 21:56:55 -05:00
test_strict_dynamic_default_src.html Bug 1299483 - CSP: Implement 'strict-dynamic', test default-src. r=dveditz 2016-11-08 13:34:36 +01:00
test_strict_dynamic_parser_inserted.html Bug 1299483 - CSP: Implement 'strict-dynamic', parser inserted mochitests. r=dveditz,freddyb 2016-11-08 13:33:58 +01:00
test_subframe_run_js_if_allowed.html
test_upgrade_insecure.html Bug 1273418 - CSP: Test evaluate upgrade-insecure-requests before block-all-mixed-content (r=tanvi) 2016-05-21 19:36:02 +02:00
test_upgrade_insecure_cors.html Bug 1139297 - Implement CSP upgrade-insecure-requests directive - cors tests (r=smaug) 2015-07-10 09:17:17 -07:00
test_upgrade_insecure_docwrite_iframe.html Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe). r=tanvi 2016-07-20 09:26:16 +02:00
test_upgrade_insecure_referrer.html Bug 1186072 - Add trailing slash to origin referer header when policy is set. r=sworkman 2016-02-24 10:51:54 +01:00
test_upgrade_insecure_reporting.html Bug 1139297 - Implement CSP upgrade-insecure-requests directive - reports (r=sstamm) 2015-07-10 09:16:46 -07:00