Update web-platform-tests to revision b7a8b84debb42268ea95a45bdad8f727d1facdf7

2025-08-18 20:05:34 +01:00 · 2019-03-21 21:40:20 -04:00 · 2019-03-21 21:40:20 -04:00 · 953dbda9a6
commit 953dbda9a6
parent ba929208e4
215 changed files with 6409 additions and 1644 deletions
--- a/tests/wpt/web-platform-tests/import-maps/csp/applied-to-target-dynamic.sub.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/applied-to-target-dynamic.sub.tentative.html
@ -0,0 +1,26 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="../resources/test-helper.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline';">
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=B",
+    "https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=C": "../resources/log.js?pipe=sub&name=D"
+  }
+}
+</script>
+<script>
+promise_test(t => {
+    return promise_rejects(t, TypeError(),
+                           import('../resources/log.js?pipe=sub&name=A'),
+                           'Dynamic import should fail');
+  }, 'The URL after mapping violates CSP (but not the URL before mapping)');
+
+promise_test(t => {
+    return import('https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=C')
+      .then(() => assert_array_equals(log, ["log:D"]));
+  }, 'The URL before mapping violates CSP (but not the URL after mapping)');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/applied-to-target.sub.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/applied-to-target.sub.tentative.html
@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="../resources/test-helper.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline';">
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=B",
+    "https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=C": "../resources/log.js?pipe=sub&name=D"
+  }
+}
+</script>
+<script type="module">
+import '../resources/log.js?pipe=sub&name=A';
+</script>
+<script type="module">
+test(t => {
+    assert_array_equals(log, []);
+  }, 'The URL after mapping violates CSP (but not the URL before mapping)');
+</script>
+
+<script type="module">
+import 'https://{{domains[www1]}}:{{ports[https][0]}}/import-maps/resources/log.js?pipe=sub&name=C';
+</script>
+<script type="module">
+test(t => {
+    assert_array_equals(log, ["log:D"]);
+  }, 'The URL before mapping violates CSP (but not the URL after mapping)');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/hash-failure.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/hash-failure.tentative.html
@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'sha256-wrong9e+pZbSYIkpB8BIE0Hs7yHajJDiX5mnT/wrong=' 'sha256-RAsyam34o4peVe9sCebtaZWRVhqAhudem+NlcnP2Kp8=';">
+
+<!-- 'sha256-P5xqp9e+pZbSYIkpB8BIE0Hs7yHajJDiX5mnT/1PO1I=' -->
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+
+<!-- 'sha256-RAsyam34o4peVe9sCebtaZWRVhqAhudem+NlcnP2Kp8=' -->
+<script>
+const log = [];
+promise_test(() => {
+  return import("../resources/log.js?pipe=sub&name=A")
+    .then(() => assert_array_equals(log, ["log:A"]))
+  },
+  'Importmap should not be accepted due to wrong hash');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/hash.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/hash.tentative.html
@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'sha256-P5xqp9e+pZbSYIkpB8BIE0Hs7yHajJDiX5mnT/1PO1I=' 'sha256-Ciqph+wQDoB2suzqZVHOD0iw99WqaTUwZXRl7ATzBxc=';">
+
+<!-- 'sha256-P5xqp9e+pZbSYIkpB8BIE0Hs7yHajJDiX5mnT/1PO1I=' -->
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+
+<!-- 'sha256-Ciqph+wQDoB2suzqZVHOD0iw99WqaTUwZXRl7ATzBxc=' -->
+<script>
+const log = [];
+promise_test(() => {
+  return import("../resources/log.js?pipe=sub&name=A")
+    .then(() => assert_array_equals(log, ["log:B"]))
+  },
+  'Importmap should be accepted due to hash');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/nonce-failure.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/nonce-failure.tentative.html
@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc';">
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+<script type="importmap" nonce="wrong">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+<script nonce="abc">
+const log = [];
+promise_test(() => {
+  return import("../resources/log.js?pipe=sub&name=A")
+    .then(() => assert_array_equals(log, ["log:A"]))
+  },
+  'Importmap should be rejected due to nonce');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/nonce.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/nonce.tentative.html
@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc';">
+<script type="importmap" nonce="abc">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+<script nonce="abc">
+const log = [];
+promise_test(() => {
+  return import("../resources/log.js?pipe=sub&name=A")
+    .then(() => assert_array_equals(log, ["log:B"]))
+  },
+  'Importmap should be accepted according to its correct nonce');
+</script>
--- a/tests/wpt/web-platform-tests/import-maps/csp/unsafe-inline.tentative.html
+++ b/tests/wpt/web-platform-tests/import-maps/csp/unsafe-inline.tentative.html
@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline';">
+<script type="importmap">
+{
+  "imports": {
+    "../resources/log.js?pipe=sub&name=A": "../resources/log.js?pipe=sub&name=B"
+  }
+}
+</script>
+<script>
+const log = [];
+promise_test(() => {
+  return import("../resources/log.js?pipe=sub&name=A")
+    .then(() => assert_array_equals(log, ["log:B"]))
+  },
+  'Importmap should be accepted due to unsafe-inline');
+</script>