Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-18 11:55:39 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision 5a754b40cd49c0404863c431b58cc311dc5d167c

Browse source
This commit is contained in:
Ms2ger 2015-11-17 09:56:30 +01:00
parent 8950345e0e
commit 32efe41299
107 changed files with 4243 additions and 435 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/wpt/web-platform-tests/subresource-integrity/crossorigin-creds-script.js.sub.headers
View file

@ -1,2 +1,2 @@
Access-Control-Allow-Origin: {{location[scheme]}}://{{location[hostname]}}:{{ports[http][0]}}
Access-Control-Allow-Origin: {{location[scheme]}}://{{domains[]}}{{GET[acao_port]}}
Access-Control-Allow-Credentials: true

2
tests/wpt/web-platform-tests/subresource-integrity/crossorigin-creds-style.css.sub.headers
View file

@ -1,2 +1,2 @@
Access-Control-Allow-Origin: {{location[scheme]}}://{{location[hostname]}}:{{ports[http][0]}}
Access-Control-Allow-Origin: {{location[scheme]}}://{{domains[]}}{{GET[acao_port]}}
Access-Control-Allow-Credentials: true

64
tests/wpt/web-platform-tests/subresource-integrity/subresource-integrity.sub.html
View file

@ -8,17 +8,42 @@
<div id="container"></div>
<script>
// This horrible hack is needed for the 'use-credentials' tests because, on
// response, if port 80 or 443 is the current port, it will not appear to
// the browser as part of the origin string. Since the origin *string* is
// used for CORS access control, instead of the origin itself, if there
// isn't an exact string match, the check will fail. For example,
// "http://example.com" would not match "http://example.com:80", because
// they are not exact string matches, even though the origins are the same.
//
// Thus, we only want the Access-Control-Allow-Origin header to have
// the port if it's not port 80 or 443, since the user agent will elide the
// ports in those cases.
var main_domain = "{{domains[]}}";
var www_domain = "{{domains[www]}}";
var default_port = "{{ports[http][0]}}";
if (location.protocol === "https:") {
default_port = "{{ports[https][0]}}";
}
var port_string = "";
if (default_port !== "80" && default_port !== "443")
port_string = ":" + default_port;
www_host_and_port = www_domain + port_string;
// <script> tests
var xorigin_anon_script = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-anon-script.js';
var xorigin_creds_script = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '/subresource-integrity/crossorigin-creds-script.js';
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-creds-script.js?acao_port='
+ port_string;
var xorigin_ineligible_script = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-ineligible-script.js';
var SRIScriptTest = function(pass, name, src, integrityValue, crossoriginValue) {
@ -51,17 +76,20 @@
document.body.appendChild(e);
};
// Note that all of these style URLs have query parameters started, so any
// additional parameters should be appended starting with '&'.
var xorigin_anon_style = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '/subresource-integrity/crossorigin-anon-style.css';
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-anon-style.css?';
var xorigin_creds_style = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '/subresource-integrity/crossorigin-creds-style.css';
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-creds-style.css?acao_port='
+ port_string;
var xorigin_ineligible_style = location.protocol
+ '//' + location.hostname + ':' + {{ports[http][1]}}
+ '/subresource-integrity/crossorigin-ineligible-style.css';
+ '//' + www_host_and_port
+ '/subresource-integrity/crossorigin-ineligible-style.css?';
// <link> tests
// Style tests must be done synchronously because they rely on the presence
@ -376,7 +404,7 @@
true,
"<crossorigin='anonymous'> with correct hash, ACAO: *",
{
href: xorigin_anon_style + '?1',
href: xorigin_anon_style + '&1',
integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
crossorigin: "anonymous"
}
@ -387,7 +415,7 @@
false,
"<crossorigin='anonymous'> with incorrect hash, ACAO: *",
{
href: xorigin_anon_style + '?2',
href: xorigin_anon_style + '&2',
integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=",
crossorigin: "anonymous"
}
@ -398,7 +426,7 @@
true,
"<crossorigin='use-credentials'> with correct hash, CORS-eligible",
{
href: xorigin_creds_style + '?1',
href: xorigin_creds_style + '&1',
integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
crossorigin: "use-credentials"
}
@ -409,7 +437,7 @@
false,
"<crossorigin='use-credentials'> with incorrect hash CORS-eligible",
{
href: xorigin_creds_style + '?2',
href: xorigin_creds_style + '&2',
integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=",
crossorigin: "use-credentials"
}
@ -420,7 +448,7 @@
false,
"<crossorigin='anonymous'> with CORS-ineligible resource",
{
href: xorigin_ineligible_style + '?1',
href: xorigin_ineligible_style + '&1',
integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=",
crossorigin: "anonymous"
}
@ -431,7 +459,7 @@
false,
"Cross-origin, not CORS request, with correct hash",
{
href: xorigin_anon_style + '?3',
href: xorigin_anon_style + '&3',
integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4="
}
);
@ -441,7 +469,7 @@
false,
"Cross-origin, not CORS request, with hash mismatch",
{
href: xorigin_anon_style + '?4',
href: xorigin_anon_style + '&4',
integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk="
}
);
@ -451,7 +479,7 @@
true,
"Cross-origin, empty integrity",
{
href: xorigin_anon_style + '?5',
href: xorigin_anon_style + '&5',
integrity: ""
}
);