Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-10-04 02:29:12 +01:00
Code Issues Projects Releases Packages Wiki Activity

Update web-platform-tests to revision ddfc95cf0493ae147a4f6a4d7be8eff1a0c23098

Browse source
This commit is contained in:
Anthony Ramine 2018-01-18 10:15:04 +01:00
parent 1f6a864ab5
commit 7e6290451f
832 changed files with 16026 additions and 2649 deletions
Download patch file Download diff file Expand all files Collapse all files

39
tests/wpt/web-platform-tests/content-security-policy/form-action/form-action-self-allowed-target-blank.html Normal file
View file

@ -0,0 +1,39 @@
<!DOCTYPE html>
<html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="Content-Security-Policy" content="form-action 'self'">
</head>
<body>
<form action='/content-security-policy/support/postmessage-pass-to-opener.html'
id='form_id'
target="_blank">
</form>
<p>
Test that "form-action 'self'" works correctly when the form uses
target="_blank". If this test passes, a new window must open after pressing
"submit".
</p>
</body>
<script>
async_test(t => {
document.addEventListener('securitypolicyviolation', function(e) {
t.unreached_func("Form submission was blocked.");
});
window.addEventListener('message', function(event) {
t.done();
})
window.addEventListener("load", function() {
document.getElementById("form_id").submit();
});
}, "The form submission should not be blocked by the iframe's CSP.");
</script>
</html>

23
tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-allowed.html Normal file
View file

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="prefetch-src 'self'">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
<script src='/content-security-policy/support/testharness-helper.js'></script>
<script src='/content-security-policy/support/prefetch-helper.js'></script>
<script>
async_test(t => {
let url = window.origin + '/content-security-policy/support/pass.png';
let link = document.createElement('link');
link.rel = 'prefetch';
link.href = url;
assert_link_prefetches(t, link);
}, 'Prefetch succeeds when allowed by prefetch-src');
</script>
</head>
<body>
</body>
</html>

23
tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-blocked.html Normal file
View file

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="prefetch-src 'none';">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
<script src='/content-security-policy/support/testharness-helper.js'></script>
<script src='/content-security-policy/support/prefetch-helper.js'></script>
<script>
async_test(t => {
let url = window.origin + '/content-security-policy/support/fail.png';
let link = document.createElement('link');
link.rel = 'prefetch';
link.href = url;
assert_link_does_not_prefetch(t, link);
}, "Blocked prefetch generates report.");
</script>
</head>
<body>
</body>
</html>

25
tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-header-allowed.html Normal file
View file

@ -0,0 +1,25 @@
<!DOCTYPE html>
<html>
<head>
<!-- Headers:
Content-Security-Policy: prefetch-src 'self'
Link: </content-security-policy/support/pass.png>;rel=prefetch
-->
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
<script src='/content-security-policy/support/testharness-helper.js'></script>
<script src='/content-security-policy/support/prefetch-helper.js'></script>
<script>
async_test(t => {
let url = window.origin + '/content-security-policy/support/pass.png';
assert_no_csp_event_for_url(t, url);
waitUntilResourceDownloaded(url)
.then(t.step_func_done());
}, 'Prefetch via `Link` header succeeds when allowed by prefetch-src');
</script>
</head>
<body>
</body>
</html>

2
tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-header-allowed.html.headers Normal file
View file

@ -0,0 +1,2 @@
Content-Security-Policy: prefetch-src 'self'
Link: </content-security-policy/support/pass.png>;rel=prefetch

30
tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-header-blocked.html Normal file
View file

@ -0,0 +1,30 @@
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="prefetch-src 'none'">
<script src='/resources/testharness.js'></script>
<script src='/resources/testharnessreport.js'></script>
<script src='/content-security-policy/support/testharness-helper.js'></script>
<script src='/content-security-policy/support/prefetch-helper.js'></script>
<script>
async_test(t => {
let url = window.origin + '/content-security-policy/support/fail.png';
waitUntilCSPEventForURL(t, url)
.then(t.step_func_done(e => {
assert_equals(e.violatedDirective, 'prefetch-src');
assert_resource_not_downloaded(t, url);
}));
// Load a stylesheet that tries to trigger a prefetch:
let link = document.createElement('link');
link.rel = 'stylesheet';
link.href = '/content-security-policy/support/prefetch-subresource.css';
document.head.appendChild(link);
}, 'Prefetch via `Link` header succeeds when allowed by prefetch-src');
</script>
</head>
<body>
</body>
</html>

51
tests/wpt/web-platform-tests/content-security-policy/support/checkReport.sub.js
View file

@ -13,9 +13,16 @@
var reportValue = "{{GET[reportValue]}}";
var reportExists = "{{GET[reportExists]}}";
var noCookies = "{{GET[noCookies]}}";
var reportCookieName = "{{GET[reportCookieName]}}"
var testName = "{{GET[testName]}}"
var cookiePresent = "{{GET[cookiePresent]}}"
var reportCount = "{{GET[reportCount]}}"
var location = window.location;
var thisTestName = location.pathname.split('/')[location.pathname.split('/').length - 1].split('.')[0];
if (reportCookieName == "") {
// fallback on test file name if cookie name not specified
reportCookieName = location.pathname.split('/')[location.pathname.split('/').length - 1].split('.')[0];
}
var reportID = "";
@ -24,7 +31,7 @@
var cookieName = cookies[i].split('=')[0].trim();
var cookieValue = cookies[i].split('=')[1].trim();
if (cookieName == thisTestName) {
if (cookieName == reportCookieName) {
reportID = cookieValue;
var cookieToDelete = cookieName + "=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=" + document.location.pathname.substring(0, document.location.pathname.lastIndexOf('/') + 1);
document.cookie = cookieToDelete;
@ -33,9 +40,10 @@
}
var timeout = document.querySelector("meta[name=timeout][content=long]") ? 50 : 5;
var reportLocation = location.protocol + "//" + location.host + "/content-security-policy/support/report.py?op=take&timeout=" + timeout + "&reportID=" + reportID;
var reportLocation = location.protocol + "//" + location.host + "/content-security-policy/support/report.py?op=retrieve_report&timeout=" + timeout + "&reportID=" + reportID;
var reportTest = async_test("Violation report status OK.");
if (testName == "") testName = "Violation report status OK.";
var reportTest = async_test(testName);
function assert_field_value(field, value, field_name) {
assert_true(field.indexOf(value.split(" ")[0]) != -1,
@ -77,17 +85,38 @@
report.send();
});
if (noCookies) {
var cookieTest = async_test("No cookies sent with report.");
if (noCookies || cookiePresent) {
var cookieTest = async_test("Test report cookies.");
var cookieReport = new XMLHttpRequest();
cookieReport.onload = cookieTest.step_func(function () {
var data = JSON.parse(cookieReport.responseText);
assert_equals(data.reportCookies, "None");
cookieTest.done();
var data = JSON.parse(cookieReport.responseText);
if (noCookies) {
assert_equals(data.reportCookies, "None", "Report should not contain any cookies");
}
if (cookiePresent) {
assert_true(data.reportCookies.hasOwnProperty(cookiePresent), "Report should contain cookie: " + cookiePresent);
}
cookieTest.done();
});
var cReportLocation = location.protocol + "//" + location.host + "/content-security-policy/support/report.py?op=cookies&timeout=" + timeout + "&reportID=" + reportID;
var cReportLocation = location.protocol + "//" + location.host + "/content-security-policy/support/report.py?op=retrieve_cookies&timeout=" + timeout + "&reportID=" + reportID;
cookieReport.open("GET", cReportLocation, true);
cookieReport.send();
};
}
if (reportCount != "") {
var reportCountTest = async_test("Test number of sent reports.");
var reportCountReport = new XMLHttpRequest();
reportCountReport.onload = reportCountTest.step_func(function () {
var data = JSON.parse(reportCountReport.responseText);
assert_equals(data.report_count, reportCount, "Report count was not what was expected.");
reportCountTest.done();
});
var cReportLocation = location.protocol + "//" + location.host + "/content-security-policy/support/report.py?op=retrieve_count&timeout=" + timeout + "&reportID=" + reportID;
reportCountReport.open("GET", cReportLocation, true);
reportCountReport.send();
}
})();

3
tests/wpt/web-platform-tests/content-security-policy/support/postmessage-pass-to-opener.html Normal file
View file

@ -0,0 +1,3 @@
<script>
window.top.opener.postMessage('PASS', '*');
</script>

65
tests/wpt/web-platform-tests/content-security-policy/support/prefetch-helper.js Normal file
View file

@ -0,0 +1,65 @@
test(t => {
assert_true(document.createElement('link').relList.supports('prefetch'));
}, "Browser supports prefetch.");
test(t => {
assert_true(!!window.PerformanceResourceTiming);
}, "Browser supports performance APIs.");
async function waitUntilResourceDownloaded(url) {
await new Promise((resolve, reject) => {
if (performance.getEntriesByName(url).length >= 1)
resolve();
let observer = new PerformanceObserver(list => {
list.getEntries().forEach(entry => {
if (entry.name == url) {
resolve();
}
});
});
});
}
async function assert_resource_not_downloaded(test, url) {
if (performance.getEntriesByName(url).length >= 1) {
(test.unreached_func(`'${url}' should not have downloaded.`))();
}
}
function assert_link_prefetches(test, link) {
assert_no_csp_event_for_url(test, link.href);
link.onerror = test.unreached_func('onerror should not fire.');
// Test is finished when either the `load` event fires, or we get a performance
// entry showing that the resource loaded successfully.
link.onload = test.step_func(test.step_func_done());
waitUntilResourceDownloaded(link.href).then(test.step_func_done());
document.head.appendChild(link);
}
function assert_link_does_not_prefetch(test, link) {
let cspEvent = false;
let errorEvent = false;
waitUntilCSPEventForURL(test, link.href)
.then(test.step_func(e => {
cspEvent = true;
assert_equals(e.violatedDirective, "prefetch-src");
assert_equals(e.effectiveDirective, "prefetch-src");
if (errorEvent)
test.done();
}));
link.onerror = test.step_func(e => {
errorEvent = true;
if (cspEvent)
test.done();
});
link.onload = test.unreached_func('onload should not fire.');
document.head.appendChild(link);
}

3
tests/wpt/web-platform-tests/content-security-policy/support/prefetch-subresource.css Normal file
View file

@ -0,0 +1,3 @@
/* This CSS file sends some headers:
* Link: </content-security-policy/support/fail.png>;rel=prefetch
*/

1
tests/wpt/web-platform-tests/content-security-policy/support/prefetch-subresource.css.headers Normal file
View file

@ -0,0 +1 @@
Link: </content-security-policy/support/fail.png>;rel=prefetch

70
tests/wpt/web-platform-tests/content-security-policy/support/report.py
View file

@ -2,33 +2,61 @@ import time
import json
import re
def retrieve_from_stash(request, key, timeout, default_value):
t0 = time.time()
while time.time() - t0 < timeout:
time.sleep(0.5)
value = request.server.stash.take(key=key)
if value is not None:
return value
return default_value
def main(request, response):
op = request.GET.first("op");
key = request.GET.first("reportID")
op = request.GET.first("op");
key = request.GET.first("reportID")
cookie_key = re.sub('^....', 'cccc', key)
count_key = re.sub('^....', 'dddd', key)
if op == "take":
timeout = float(request.GET.first("timeout"))
t0 = time.time()
while time.time() - t0 < timeout:
time.sleep(0.5)
value = request.server.stash.take(key=key)
if value is not None:
return [("Content-Type", "application/json")], value
try:
timeout = request.GET.first("timeout")
except:
timeout = 0.5
timeout = float(timeout)
return [("Content-Type", "application/json")], json.dumps({'error': 'No such report.' , 'guid' : key})
if op == "retrieve_report":
return [("Content-Type", "application/json")], retrieve_from_stash(request, key, timeout, json.dumps({'error': 'No such report.' , 'guid' : key}))
if op == "cookies":
cval = request.server.stash.take(key=re.sub('^...', 'ccc', key))
if cval is None:
cval = "\"None\""
if op == "retrieve_cookies":
return [("Content-Type", "application/json")], "{ \"reportCookies\" : " + str(retrieve_from_stash(request, cookie_key, timeout, "\"None\"")) + "}"
return [("Content-Type", "application/json")], "{ \"reportCookies\" : " + cval + "}"
if op == "retrieve_count":
return [("Content-Type", "application/json")], json.dumps({'report_count': str(retrieve_from_stash(request, count_key, timeout, 0))})
if hasattr(request, 'Cookies'):
request.server.stash.put(key=re.sub('^...', 'ccc', key), value=request.Cookies)
# save cookies
if hasattr(request, 'cookies') and len(request.cookies.keys()) > 0:
# convert everything into strings and dump it into a dict so it can be jsoned
temp_cookies_dict = {}
for dict_key in request.cookies.keys():
temp_cookies_dict[str(dict_key)] = str(request.cookies.get_list(dict_key))
with request.server.stash.lock:
request.server.stash.take(key=cookie_key)
request.server.stash.put(key=cookie_key, value=json.dumps(temp_cookies_dict))
report = request.body
report.rstrip()
# save latest report
report = request.body
report.rstrip()
with request.server.stash.lock:
request.server.stash.take(key=key)
request.server.stash.put(key=key, value=report)
return [("Content-Type", "text/plain")], "Recorded report " + report
with request.server.stash.lock:
# increment report count
count = request.server.stash.take(key=count_key)
if count is None:
count = 0
count += 1
request.server.stash.put(key=count_key, value=count)
# return acknowledgement report
return [("Content-Type", "text/plain")], "Recorded report " + report