Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-09-05 04:28:22 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision 58eb04cecbbec2e18531ab440225e38944a9c444

Browse source
This commit is contained in:
Josh Matthews 2017-04-17 12:06:02 +10:00 committed by Anthony Ramine
parent 25e8bf69e6
commit 665817d2a6
35333 changed files with 1818077 additions and 16036 deletions
Download patch file Download diff file Expand all files Collapse all files

44
tests/wpt/web-platform-tests/content-security-policy/inside-worker/dedicated-inheritance.html Normal file
View file

@ -0,0 +1,44 @@
<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="content-security-policy" content="connect-src 'self'">
<script>
// External URLs inherit policy.
fetch_tests_from_worker(new Worker("./support/connect-src-self.sub.js"));
fetch_tests_from_worker(new Worker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,connect-src 'none')"));
fetch_tests_from_worker(new Worker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,connect-src *)"));
fetch_tests_from_worker(new Worker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src 'none')"));
fetch_tests_from_worker(new Worker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src *)"));
async_test(t => {
fetch("./support/connect-src-self.sub.js")
.then(r => r.blob())
.then(b => {
// 'blob:' URLs inherit policy.
var u = URL.createObjectURL(b);
fetch_tests_from_worker(new Worker(u));
if (!window.webkitRequestFileSystem)
return t.done();
// 'filesystem:' urls inherit policy.
window.webkitRequestFileSystem(window.TEMPORARY, 1024*1024, fs => {
fs.root.getFile('dedicated-inheritance-worker.js', { create: true }, entry => {
entry.createWriter(w => {
w.onwriteend = _ => {
var u = entry.toURL();
fetch_tests_from_worker(new Worker(u));
// explicit_done: yay.
t.done();
};
w.onerror = _ => t.unreached_func();
w.write(b);
});
});
});
});
}, "Filesystem and blob.");
</script>

44
tests/wpt/web-platform-tests/content-security-policy/inside-worker/dedicated-script.html Normal file
View file

@ -0,0 +1,44 @@
<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="content-security-policy" content="script-src 'self' 'nonce-a' blob: filesystem:">
<script nonce="a">
// External URLs inherit policy: the header delivered with the script resource is ignored.
fetch_tests_from_worker(new Worker("./support/script-src-self.sub.js"));
fetch_tests_from_worker(new Worker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,script-src 'none')"));
fetch_tests_from_worker(new Worker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,script-src *)"));
fetch_tests_from_worker(new Worker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src 'none')"));
fetch_tests_from_worker(new Worker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src *)"));
async_test(t => {
fetch("./support/script-src-self.sub.js")
.then(r => r.blob())
.then(b => {
// 'blob:' URLs inherit policy.
var u = URL.createObjectURL(b);
fetch_tests_from_worker(new Worker(u));
if (!window.webkitRequestFileSystem)
return t.done();
// 'filesystem:' urls inherit policy.
window.webkitRequestFileSystem(window.TEMPORARY, 1024*1024, fs => {
fs.root.getFile('dedicated-script-worker.js', { create: true }, entry => {
entry.createWriter(w => {
w.onwriteend = _ => {
var u = entry.toURL();
fetch_tests_from_worker(new Worker(u));
// explicit_done: yay.
t.done();
};
w.onerror = _ => t.unreached_func();
w.write(b);
});
});
});
});
}, "Filesystem and blob.");
</script>

11
tests/wpt/web-platform-tests/content-security-policy/inside-worker/shared-inheritance.html Normal file
View file

@ -0,0 +1,11 @@
<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="content-security-policy" content="connect-src 'self'">
<script>
// SharedWorkers do not inherit policy.
fetch_tests_from_worker(new SharedWorker("./support/connect-src-allow.sub.js"));
fetch_tests_from_worker(new SharedWorker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,connect-src 'self')"));
fetch_tests_from_worker(new SharedWorker("./support/connect-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src 'self')"));
</script>

11
tests/wpt/web-platform-tests/content-security-policy/inside-worker/shared-script.html Normal file
View file

@ -0,0 +1,11 @@
<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="content-security-policy" content="script-src 'self' 'nonce-a' blob: filesystem:">
<script nonce="a">
// SharedWorker URLs do not inherit policy.
fetch_tests_from_worker(new SharedWorker("./support/script-src-allow.sub.js"));
fetch_tests_from_worker(new SharedWorker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,script-src 'self'"));
fetch_tests_from_worker(new SharedWorker("./support/script-src-self.sub.js?pipe=sub|header(Content-Security-Policy,default-src 'self'"));
</script>

53
tests/wpt/web-platform-tests/content-security-policy/inside-worker/support/connect-src-allow.sub.js Normal file
View file

@ -0,0 +1,53 @@
importScripts("{{location[server]}}/resources/testharness.js");
importScripts("{{location[server]}}/content-security-policy/support/testharness-helper.js");
// Same-origin
async_test(t => {
var url = "{{location[server]}}/content-security-policy/support/resource.py?same-origin-fetch";
assert_no_csp_event_for_url(t, url);
fetch(url)
.then(t.step_func_done(r => assert_equals(r.status, 200)));
}, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search);
async_test(t => {
var url = "{{location[server]}}/content-security-policy/support/resource.py?same-origin-xhr";
assert_no_csp_event_for_url(t, url);
var xhr = new XMLHttpRequest();
xhr.open("GET", url);
xhr.onload = t.step_func_done();
xhr.onerror = t.unreached_func();
xhr.send();
}, "Same-origin XHR in " + self.location.protocol + self.location.search);
// Cross-origin
async_test(t => {
var url = "http://{{domains[www]}}:{{ports[http][1]}}/content-security-policy/support/resource.py?cross-origin-fetch";
assert_no_csp_event_for_url(t, url);
fetch(url)
.then(t.step_func_done(r => assert_equals(r.status, 200)));
}, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search);
async_test(t => {
var url = "http://{{domains[www]}}:{{ports[http][1]}}/content-security-policy/support/resource.py?cross-origin-xhr";
assert_no_csp_event_for_url(t, url);
var xhr = new XMLHttpRequest();
xhr.open("GET", url);
xhr.onload = t.step_func_done();
xhr.onerror = t.unreached_func();
xhr.send();
}, "Cross-origin XHR in " + self.location.protocol + self.location.search);
// Same-origin redirecting to cross-origin
async_test(t => {
var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][1]}}/content-security-policy/support/resource.py?cross-origin-fetch";
assert_no_csp_event_for_url(t, url);
fetch(url)
.then(t.step_func_done(r => assert_equals(r.status, 200)));
}, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.location.search);
done();

59
tests/wpt/web-platform-tests/content-security-policy/inside-worker/support/connect-src-self.sub.js Normal file
View file

@ -0,0 +1,59 @@
importScripts("{{location[server]}}/resources/testharness.js");
importScripts("{{location[server]}}/content-security-policy/support/testharness-helper.js");
// Same-origin
async_test(t => {
var url = "{{location[server]}}/common/text-plain.txt?same-origin-fetch";
assert_no_csp_event_for_url(t, url);
fetch(url)
.then(t.step_func_done(r => assert_equals(r.status, 200)));
}, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search);
async_test(t => {
var url = "{{location[server]}}/common/text-plain.txt?same-origin-xhr";
assert_no_csp_event_for_url(t, url);
var xhr = new XMLHttpRequest();
xhr.open("GET", url);
xhr.onload = t.step_func_done();
xhr.onerror = t.unreached_func();
xhr.send();
}, "Same-origin XHR in " + self.location.protocol + self.location.search);
// Cross-origin
async_test(t => {
var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fetch";
Promise.all([
// TODO(mkwst): A 'securitypolicyviolation' event should fire.
fetch(url)
.catch(t.step_func(e => assert_true(e instanceof TypeError)))
]).then(t.step_func_done());
}, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search);
async_test(t => {
var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-xhr";
Promise.all([
// TODO(mkwst): A 'securitypolicyviolation' event should fire.
new Promise((resolve, reject) => {
var xhr = new XMLHttpRequest();
xhr.open("GET", url);
xhr.onload = t.step_func(_ => reject("xhr.open should have thrown."));
xhr.onerror = t.step_func(resolve);
xhr.send();
})
]).then(t.step_func_done());
}, "Cross-origin XHR in " + self.location.protocol + self.location.search);
// Same-origin redirecting to cross-origin
async_test(t => {
var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fetch";
// TODO(mkwst): A 'securitypolicyviolation' event should fire.
fetch(url)
.catch(t.step_func_done(e => assert_true(e instanceof TypeError)))
}, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.location.search);
done();

18
tests/wpt/web-platform-tests/content-security-policy/inside-worker/support/script-src-allow.sub.js Normal file
View file

@ -0,0 +1,18 @@
importScripts("{{location[server]}}/resources/testharness.js");
test(t => {
importScripts("http://{{domains[www]}}:{{ports[http][1]}}/content-security-policy/support/testharness-helper.js");
}, "Cross-origin `importScripts()` not blocked in " + self.location.protocol + self.location.search);
test(t => {
assert_equals(2, eval("1+1"));
assert_equals(2, (new Function("return 1+1;"))());
}, "`eval()` not blocked in " + self.location.protocol + self.location.search);
async_test(t => {
self.callback = t.step_func_done();
setTimeout("self.callback();", 1);
}, "`setTimeout([string])` not blocked in " + self.location.protocol + self.location.search);
done();

31
tests/wpt/web-platform-tests/content-security-policy/inside-worker/support/script-src-self.sub.js Normal file
View file

@ -0,0 +1,31 @@
importScripts("{{location[server]}}/resources/testharness.js");
importScripts("{{location[server]}}/content-security-policy/support/testharness-helper.js");
test(t => {
self.a = false;
assert_throws("NetworkError",
_ => importScripts("http://{{domains[www]}}:{{ports[http][1]}}/content-security-policy/support/var-a.js"),
"importScripts should throw `NetworkError`");
assert_false(self.a);
}, "Cross-origin `importScripts()` blocked in " + self.location.protocol + self.location.search);
test(t => {
assert_throws(EvalError(),
_ => eval("1 + 1"),
"`eval()` should throw 'EvalError'.");
assert_throws(EvalError(),
_ => new Function("1 + 1"),
"`new Function()` should throw 'EvalError'.");
}, "`eval()` blocked in " + self.location.protocol + self.location.search);
async_test(t => {
waitUntilCSPEventForEval(t, 27)
.then(t.step_func_done());
self.setTimeoutTest = t;
var result = setTimeout("(self.setTimeoutTest.unreached_func('setTimeout([string]) should not execute.'))()", 1);
assert_equals(result, 0);
}, "`setTimeout([string])` blocked in " + self.location.protocol + self.location.search);
done();