Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-10-04 02:29:12 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision e15b5ebba7465e09bcda2962f6758cddcdcfa248

Browse source
This commit is contained in:
WPT Sync Bot 2018-10-09 21:32:32 -04:00
parent 68e55ead42
commit 3eaee747ed
214 changed files with 4692 additions and 245 deletions
Download patch file Download diff file Expand all files Collapse all files

32
tests/wpt/web-platform-tests/content-security-policy/generic/directive-name-case-insensitive.sub.html Normal file
View file

@ -0,0 +1,32 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="
IMg-sRC 'self' 'unsafe-inline' http://{{domains[www1]}}:{{ports[http][0]}};
img-src 'self' 'unsafe-inline' http://{{domains[www2]}}:{{ports[http][0]}};">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<script>
var t1 = async_test("Test that the www1 image is allowed to load");
var t2 = async_test("Test that the www2 image is not allowed to load");
var t_spv = async_test("Test that the www2 image throws a violation event");
window.addEventListener("securitypolicyviolation", t_spv.step_func_done(function(e) {
assert_equals(e.violatedDirective, "img-src");
assert_equals(e.blockedURI, "http://{{domains[www2]}}:{{ports[http][0]}}/content-security-policy/support/fail.png");
}));
</script>
<img src="http://{{domains[www1]}}:{{ports[http][0]}}/content-security-policy/support/pass.png"
onload="t1.done();"
onerror="t1.step(function() { assert_unreached('www1 image should have loaded'); t1.done(); });">
<img src="http://{{domains[www2]}}:{{ports[http][0]}}/content-security-policy/support/fail.png"
onerror="t2.done();"
onload="t2.step(function() { assert_unreached('www2 image should not have loaded'); t2.done(); });">
</body>
</html>

23
tests/wpt/web-platform-tests/content-security-policy/inheritance/blob-url-self-navigate-inherits.sub.html Normal file
View file

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html>
<head>
<script nonce="abc" src="/resources/testharness.js"></script>
<script nonce="abc" src="/resources/testharnessreport.js"></script>
</head>
<!-- This tests that navigating a main window to a local scheme preserves the current CSP.
We need to test this in a main window with no parent/opener so we use
a link with target=_blank and rel=noopener. -->
<body>
<script>
const a = document.createElement("a")
a.href = "support/navigate-self-to-blob.html?csp=script-src%20%27nonce-abc%27&report_id={{$id:uuid()}}";
a.target = "_blank"
a.rel = "noopener"
a.click()
</script>
<script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=script-src%20%27nonce-abc%27&reportID={{$id}}'></script>
</body>
</html>

6
tests/wpt/web-platform-tests/content-security-policy/inheritance/support/navigate-self-to-blob.html Normal file
View file

@ -0,0 +1,6 @@
<script nonce="abc">
var blob_string = "<script>alert(document.domain)<\/script>";
var blob = new Blob([blob_string], {type : 'text/html'});
var url = URL.createObjectURL(blob);
location.href=url;
</script>

4
tests/wpt/web-platform-tests/content-security-policy/inheritance/support/navigate-self-to-blob.html.sub.headers Normal file
View file

@ -0,0 +1,4 @@
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: {{GET[csp]}}; report-uri http://{{host}}:{{ports[http][0]}}/content-security-policy/support/report.py?op=put&reportID={{GET[report_id]}}

20
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html Normal file
View file

@ -0,0 +1,20 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-c6TzhBw/snA+hlDMGOuKLWXIkb2sawA/S1wbSe6FeEM=';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t1 = async_test("Should convert the script contents to UTF-8 before hashing");
window.addEventListener("securitypolicyviolation", t1.unreached_func("Should not have fired a spv"));
</script>
<!-- <20> (micro sign) has the value of 0xB5 in latin-1 and of 0xC2B5 in utf-8 but the hash value should be the same as the utf-8 computed one -->
<script>
// <20> - latin micro sign
t1.done();
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=iso-8859-1

20
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html Normal file
View file

@ -0,0 +1,20 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t3 = async_test("Should convert the script contents to UTF-8 before hashing");
window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
</script>
<!-- <20> (latin capital letter g with breve) has the value of 0xAB in latin-3 and of 0xC49E in utf-8 but the hash value should be the same as the utf-8 computed one -->
<script>
// <20> - latin capital letter g with breve
t3.done();
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=iso-8859-3

20
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html Normal file
View file

@ -0,0 +1,20 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-ST0rpskqtEC0Q0hqbIAZFeE1KBMJeGZGyYaTcTkieG8=';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t2 = async_test("Should convert the script contents to UTF-8 before hashing");
window.addEventListener("securitypolicyviolation", t2.unreached_func("Should not have fired a spv"));
</script>
<!-- <20> (greek small letter mu) has the value of 0xEC in latin-7 and of 0xCEBC in utf-8 but the hash value should be the same as the utf-8 computed one -->
<script>
// <20> - greek small letter mu
t2.done();
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=iso-8859-7

20
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html Normal file
View file

@ -0,0 +1,20 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t3 = async_test("Should convert the script contents to UTF-8 before hashing");
window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
</script>
<!-- <20> (latin capital letter g with breve) has the value of 0xD0 in latin-9 and of 0xC49E in utf-8 but the hash value should be the same as the utf-8 computed one -->
<script>
// <20> - latin capital letter g with breve
t3.done();
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=iso-8859-9

31
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html Normal file
View file

@ -0,0 +1,31 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-YJSaNEZFStZqU2Mp2EttwhcP2aT9lnDvexn+BM2HfKo=';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t = async_test("Should convert the script contents to UTF-8 before hashing");
var count = 0;
var script_ran = function() {
// if both blocks run the tests is succsssful
if (++count == 2) t.done();
}
window.addEventListener("securitypolicyviolation", t.unreached_func("Should not have fired a spv"));
// Insert a script element that contains the U+FFFD replacement character
var scr1 = document.createElement('script');
scr1.text ="//\uFFFD\nscript_ran();";
document.body.appendChild(scr1);
// Insert a script element that contains a surrogate character but it otherwise
// entirely identical to the previously inserted one, the surrogate should be
// be converted to U+FFFD when converting to UTF-8 so it should have the
// same hash as the one inserted before
var scr2 = document.createElement('script');
scr2.text ="//\uD801\nscript_ran();";
document.body.appendChild(scr2);
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=utf-8

36
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html Normal file
View file

@ -0,0 +1,36 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc'
'sha256-c6TzhBw/snA+hlDMGOuKLWXIkb2sawA/S1wbSe6FeEM='
'sha256-ST0rpskqtEC0Q0hqbIAZFeE1KBMJeGZGyYaTcTkieG8='
'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
<!-- hashes matching the 3 script blocks below -->
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
</head>
<body>
<script nonce="abc">
var t1 = async_test("Should convert the script contents to UTF-8 before hashing - latin micro sign");
window.addEventListener("securitypolicyviolation", t1.unreached_func("Should not have fired a spv"));
var t2 = async_test("Should convert the script contents to UTF-8 before hashing - greek small letter mu");
window.addEventListener("securitypolicyviolation", t2.unreached_func("Should not have fired a spv"));
var t3 = async_test("Should convert the script contents to UTF-8 before hashing - latin capital letter g with breve");
window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
</script>
<!-- the hash values of these script blocks should match the same values
of identical script blocks in documents with other encodings -->
<script>
// µ - latin micro sign
t1.done();
</script>
<script>
// μ - greek small letter mu
t2.done();
</script>
<script>
// Ğ - latin capital letter g with breve
t3.done();
</script>
</body>
</html>

1
tests/wpt/web-platform-tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.sub.headers Normal file
View file

@ -0,0 +1 @@
Content-Type: text/html; charset=utf-8