mirror of
https://github.com/servo/servo.git
synced 2025-08-03 12:40:06 +01:00
Add same-origin redirect variants to 2d canvas security tests.
This commit is contained in:
Josh Matthews
parent
0abd5bbabd
commit
d143396934
35 changed files with 647 additions and 102 deletions
|
|
@ -330908,63 +330908,123 @@
|
|||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.create.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.html": [
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.reset.html",
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.cross.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.reset.cross.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html": [
|
||||
[
|
||||
"/html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html",
|
||||
{}
|
||||
]
|
||||
],
|
||||
|
|
@ -393336,7 +393396,7 @@
|
|||
"support"
|
||||
],
|
||||
"2dcontext/tools/gentestutils.py": [
|
||||
"61b25e0406addab477dc133edf87f25052be8a63",
|
||||
"f613a789c0e231a3600070583661ba3b1842fed3",
|
||||
"support"
|
||||
],
|
||||
"2dcontext/tools/name2dir.yaml": [
|
||||
|
|
@ -393356,7 +393416,7 @@
|
|||
"support"
|
||||
],
|
||||
"2dcontext/tools/tests.yaml": [
|
||||
"8d5dfd4ca705fa4051b2fd0e6d12bd963a2a2330",
|
||||
"ce69d48960f561a0bf43b7346d7e387e2ac9e110",
|
||||
"support"
|
||||
],
|
||||
"2dcontext/tools/tests2d.yaml": [
|
||||
|
|
@ -399484,7 +399544,7 @@
|
|||
"support"
|
||||
],
|
||||
"common/canvas-tests.js": [
|
||||
"0a9ce65afa17e2bad946a70addcb67c6cce1fab7",
|
||||
"2db347399bee84e76c01a15ca5c0c3006fcd4d4e",
|
||||
"support"
|
||||
],
|
||||
"common/css-red.txt": [
|
||||
|
|
@ -570147,44 +570207,84 @@
|
|||
"4a8ff94a4be33132d36c1e23bcf3123dc332c396",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.html": [
|
||||
"704c0a0a53fd73f462793a0de45c7baa8e43c2ad",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html": [
|
||||
"c74e8ac5a19e8eba7a225dde2fdee84f88e3c00e",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.html": [
|
||||
"66ea384fc03388a35f9fd619cf4d6223527dab2a",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html": [
|
||||
"51494c44452d5d0830dda02b8e60baea0e51d49f",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.html": [
|
||||
"b110461dd4d72abe0faea76aaacc1604a1ae3612",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html": [
|
||||
"2941763c01f9cdf660ec746f51cde40b268300fe",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.html": [
|
||||
"3c1daa53672ceee8964b6bcf9a741450e6514e3f",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html": [
|
||||
"5cc004d27ac599e0f542aec575233aacd19f6526",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.html": [
|
||||
"64e1d6fee88b357e8a621d68f1fbeb6dc404b62c",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html": [
|
||||
"6f4230968c1d5f12b3157e969f6ecdcd1d5a923c",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.html": [
|
||||
"a9b37d599524fa6f5f4ff22e126af70b8e3dde9a",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html": [
|
||||
"538c30f0de6c2c1952853576d00fd1fc19bd0dde",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.html": [
|
||||
"ecbf5c329ac07304c438948b855e2e11818181c4",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html": [
|
||||
"526e41303f134c9cb0e862a4876dec2e363a1320",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.html": [
|
||||
"03b07eba1e0df53e337eb3cbdf4eccc6425c1694",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html": [
|
||||
"a8fb8cdd1387bc67eeec3687334b303f92f91a4d",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.html": [
|
||||
"886f2b3fd151a266e8a39f09056964e117933f46",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html": [
|
||||
"536556689e037e136d0bd3d08dacdf087ffdf609",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.html": [
|
||||
"2f7d1915e4c1fd69992a76ad126645fc9d8726d5",
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html": [
|
||||
"d90f3b399affa6d795b4f7f38643dae6ba1ea3a7",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html": [
|
||||
"f5d020386b0d6707b20b585912cf4a98fd86986a",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html": [
|
||||
"1d4e6e8090169ed602ba7bb71f811562cdf0a528",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html": [
|
||||
"1bb8f33901b78142c66e3e1b989b395101488457",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html": [
|
||||
"4bf890d4778b37977b7280e42f5c004a877a18a6",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html": [
|
||||
"8630fe5572973ec38bea623acc35ecb79e9f5e76",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html": [
|
||||
"05ea5c77fefdae06cb964cc2f6cfef9582418737",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html": [
|
||||
"65390fb4f54f6359c2c6ca1e58a1423485beb689",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html": [
|
||||
"d7c4bac59fb35405582c7a008f0e71c20805da86",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.cross.html": [
|
||||
"1b844c83c588d722d3b0ef3247d76aaacddfbe9a",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html": [
|
||||
"93e50cbaf157c2639f62662801dc1df4b983bde9",
|
||||
"testharness"
|
||||
],
|
||||
"html/semantics/embedded-content/the-canvas-element/size.attributes.default.html": [
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
[security.drawImage.canvas.redirect.html]
|
||||
type: testharness
|
||||
[drawImage of unclean canvas makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.drawImage.image.redirect.html]
|
||||
type: testharness
|
||||
[drawImage of different-origin image makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.canvas.fillStyle.redirect.html]
|
||||
type: testharness
|
||||
[Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.canvas.strokeStyle.redirect.html]
|
||||
type: testharness
|
||||
[Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.canvas.timing.redirect.html]
|
||||
type: testharness
|
||||
[Pattern safety depends on whether the source was origin-clean, not on whether it still is clean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.create.redirect.html]
|
||||
type: testharness
|
||||
[Creating an unclean pattern does not make the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.cross.redirect.html]
|
||||
type: testharness
|
||||
[Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.image.fillStyle.redirect.html]
|
||||
type: testharness
|
||||
[Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.pattern.image.strokeStyle.redirect.html]
|
||||
type: testharness
|
||||
[Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
[security.reset.redirect.html]
|
||||
type: testharness
|
||||
[Resetting the canvas state does not reset the origin-clean flag]
|
||||
expected: FAIL
|
||||
|
||||
|
|
@ -1127,3 +1127,4 @@
|
|||
[top: calc(2 * 2px) (standards)]
|
||||
expected:
|
||||
if os == "mac": FAIL
|
||||
|
||||
|
|
|
|||
|
|
@ -450,6 +450,11 @@ def genTestUtils(TESTOUTPUTDIR, IMAGEOUTPUTDIR, TEMPLATEFILE, NAME2DIRFILE, ISOF
|
|||
for s in test.get('scripts', []):
|
||||
scripts += '<script src="%s"></script>\n' % (s)
|
||||
|
||||
variants = test.get('script-variants', {})
|
||||
script_variants = [(v, '<script src="%s"></script>\n' % (s)) for (v, s) in variants.iteritems()]
|
||||
if not script_variants:
|
||||
script_variants = [('', '')]
|
||||
|
||||
images = ''
|
||||
for i in test.get('images', []):
|
||||
id = i.split('/')[-1]
|
||||
|
|
@ -474,38 +479,44 @@ def genTestUtils(TESTOUTPUTDIR, IMAGEOUTPUTDIR, TEMPLATEFILE, NAME2DIRFILE, ISOF
|
|||
|
||||
desc = test.get('desc', '')
|
||||
escaped_desc = simpleEscapeJS(desc)
|
||||
template_params = {
|
||||
'name':name, 'name_wrapped':name_wrapped, 'backrefs':backref_html(name),
|
||||
'mapped_name':mapped_name,
|
||||
'desc':desc, 'escaped_desc':escaped_desc,
|
||||
'prev':prev, 'next':next, 'refs':refs, 'notes':notes, 'images':images,
|
||||
'fonts':fonts, 'fonthack':fonthack,
|
||||
'canvas':canvas, 'expected':expectation_html, 'code':code, 'scripts':scripts,
|
||||
'mochi_name':mochi_name, 'mochi_desc':mochi_desc, 'mochi_code':mochi_code,
|
||||
'mochi_setup':mochi_setup, 'mochi_footer':mochi_footer, 'mochi_images':mochi_images,
|
||||
'fallback':fallback
|
||||
}
|
||||
|
||||
if W3CMODE:
|
||||
f = codecs.open('%s/%s.html' % (TESTOUTPUTDIR, mapped_name), 'w', 'utf-8')
|
||||
f.write(templates['w3c'] % template_params)
|
||||
if ISOFFSCREENCANVAS:
|
||||
f = codecs.open('%s/%s.worker.js' % (TESTOUTPUTDIR, mapped_name), 'w', 'utf-8')
|
||||
f.write(templates['w3cworker'] % template_params)
|
||||
else:
|
||||
f = codecs.open('%s/%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
|
||||
f.write(templates['standalone'] % template_params)
|
||||
for (variant, extra_script) in script_variants:
|
||||
name_variant = '' if not variant else '.' + variant
|
||||
|
||||
f = codecs.open('%s/framed.%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
|
||||
f.write(templates['framed'] % template_params)
|
||||
template_params = {
|
||||
'name':name + name_variant,
|
||||
'name_wrapped':name_wrapped, 'backrefs':backref_html(name),
|
||||
'mapped_name':mapped_name,
|
||||
'desc':desc, 'escaped_desc':escaped_desc,
|
||||
'prev':prev, 'next':next, 'refs':refs, 'notes':notes, 'images':images,
|
||||
'fonts':fonts, 'fonthack':fonthack,
|
||||
'canvas':canvas, 'expected':expectation_html, 'code':code,
|
||||
'scripts':scripts + extra_script,
|
||||
'mochi_name':mochi_name, 'mochi_desc':mochi_desc, 'mochi_code':mochi_code,
|
||||
'mochi_setup':mochi_setup, 'mochi_footer':mochi_footer, 'mochi_images':mochi_images,
|
||||
'fallback':fallback
|
||||
}
|
||||
|
||||
f = codecs.open('%s/minimal.%s.html' % (TESTOUTPUTDIR, name), 'w', 'utf-8')
|
||||
f.write(templates['minimal'] % template_params)
|
||||
if W3CMODE:
|
||||
f = codecs.open('%s/%s%s.html' % (TESTOUTPUTDIR, mapped_name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['w3c'] % template_params)
|
||||
if ISOFFSCREENCANVAS:
|
||||
f = codecs.open('%s/%s%s.worker.js' % (TESTOUTPUTDIR, mapped_name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['w3cworker'] % template_params)
|
||||
else:
|
||||
f = codecs.open('%s/%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['standalone'] % template_params)
|
||||
|
||||
if mochitest:
|
||||
mochitests.append(name)
|
||||
f = codecs.open('%s/mochitests/test_%s.html' % (MISCOUTPUTDIR, name), 'w', 'utf-8')
|
||||
f.write(templates['mochitest'] % template_params)
|
||||
f = codecs.open('%s/framed.%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['framed'] % template_params)
|
||||
|
||||
f = codecs.open('%s/minimal.%s%s.html' % (TESTOUTPUTDIR, name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['minimal'] % template_params)
|
||||
|
||||
if mochitest:
|
||||
mochitests.append(name)
|
||||
f = codecs.open('%s/mochitests/test_%s%s.html' % (MISCOUTPUTDIR, name, name_variant), 'w', 'utf-8')
|
||||
f.write(templates['mochitest'] % template_params)
|
||||
|
||||
def write_mochitest_makefile():
|
||||
f = open('%s/mochitests/Makefile.in' % MISCOUTPUTDIR, 'w')
|
||||
|
|
|
|||
|
|
@ -864,7 +864,9 @@
|
|||
- security.getImageData
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
@assert throws SECURITY_ERR canvas.toDataURL();
|
||||
|
|
@ -877,7 +879,9 @@
|
|||
- security.drawImage.canvas
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
|
|
@ -895,7 +899,9 @@
|
|||
- security.start
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
canvas.toDataURL();
|
||||
|
|
@ -909,7 +915,9 @@
|
|||
- security.start
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
|
|
@ -932,7 +940,9 @@
|
|||
- security.fillStyle.canvas
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
|
|
@ -955,7 +965,9 @@
|
|||
- security.fillStyle.image
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
ctx.fillStyle = p;
|
||||
|
|
@ -970,7 +982,9 @@
|
|||
- security.fillStyle.canvas
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
|
|
@ -990,7 +1004,9 @@
|
|||
- security.strokeStyle.image
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
ctx.strokeStyle = p;
|
||||
|
|
@ -1005,7 +1021,9 @@
|
|||
- security.strokeStyle.canvas
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
|
|
@ -1045,7 +1063,9 @@
|
|||
- initial.reset
|
||||
scripts:
|
||||
- /common/get-host-info.sub.js
|
||||
- data:text/javascript,addCrossOriginYellowImage()
|
||||
script-variants:
|
||||
cross: data:text/javascript,addCrossOriginYellowImage()
|
||||
redirect: data:text/javascript,addCrossOriginRedirectYellowImage()
|
||||
code: |
|
||||
canvas.width = 50;
|
||||
ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
|
|
|
|||
|
|
@ -92,4 +92,13 @@ function addCrossOriginYellowImage()
|
|||
img.className = "resource";
|
||||
img.src = get_host_info().HTTP_REMOTE_ORIGIN + "/images/yellow.png";
|
||||
document.body.appendChild(img);
|
||||
}
|
||||
}
|
||||
|
||||
function addCrossOriginRedirectYellowImage()
|
||||
{
|
||||
var img = new Image();
|
||||
img.id = "yellow.png";
|
||||
img.className = "resource";
|
||||
img.src = get_host_info().HTTP_ORIGIN + "/common/redirect.py?location=" +
|
||||
get_host_info().HTTP_REMOTE_ORIGIN + "/images/yellow.png";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.drawImage.canvas</title>
|
||||
<title>Canvas test: security.drawImage.canvas.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.drawImage.canvas</h1>
|
||||
<h1>security.drawImage.canvas.cross</h1>
|
||||
<p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.drawImage.canvas.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.drawImage.canvas.redirect</h1>
|
||||
<p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("drawImage of unclean canvas makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
canvas2.height = 50;
|
||||
var ctx2 = canvas2.getContext('2d');
|
||||
ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
ctx.drawImage(canvas2, 0, 0);
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.drawImage.image</title>
|
||||
<title>Canvas test: security.drawImage.image.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.drawImage.image</h1>
|
||||
<h1>security.drawImage.image.cross</h1>
|
||||
<p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.drawImage.image.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.drawImage.image.redirect</h1>
|
||||
<p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("drawImage of different-origin image makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.fillStyle</title>
|
||||
<title>Canvas test: security.pattern.canvas.fillStyle.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.fillStyle</h1>
|
||||
<h1>security.pattern.canvas.fillStyle.cross</h1>
|
||||
<p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.fillStyle.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.fillStyle.redirect</h1>
|
||||
<p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
canvas2.height = 50;
|
||||
var ctx2 = canvas2.getContext('2d');
|
||||
ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
var p = ctx.createPattern(canvas2, 'repeat');
|
||||
ctx.fillStyle = p;
|
||||
ctx.fillStyle = 'red';
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.strokeStyle</title>
|
||||
<title>Canvas test: security.pattern.canvas.strokeStyle.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.strokeStyle</h1>
|
||||
<h1>security.pattern.canvas.strokeStyle.cross</h1>
|
||||
<p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.strokeStyle.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.strokeStyle.redirect</h1>
|
||||
<p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
canvas2.height = 50;
|
||||
var ctx2 = canvas2.getContext('2d');
|
||||
ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
var p = ctx.createPattern(canvas2, 'repeat');
|
||||
ctx.strokeStyle = p;
|
||||
ctx.strokeStyle = 'red';
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.timing</title>
|
||||
<title>Canvas test: security.pattern.canvas.timing.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.timing</h1>
|
||||
<h1>security.pattern.canvas.timing.cross</h1>
|
||||
<p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>
|
||||
|
||||
<p class="notes">Disagrees with spec on "is" vs "was"
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.canvas.timing.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.canvas.timing.redirect</h1>
|
||||
<p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>
|
||||
|
||||
<p class="notes">Disagrees with spec on "is" vs "was"
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Pattern safety depends on whether the source was origin-clean, not on whether it still is clean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
canvas2.height = 50;
|
||||
var ctx2 = canvas2.getContext('2d');
|
||||
ctx2.fillStyle = '#0f0';
|
||||
ctx2.fillRect(0, 0, 100, 50);
|
||||
var p = ctx.createPattern(canvas2, 'repeat');
|
||||
ctx2.drawImage(document.getElementById('yellow.png'), 0, 0); // make canvas2 origin-unclean
|
||||
ctx.fillStyle = p;
|
||||
ctx.fillRect(0, 0, 100, 50);
|
||||
canvas.toDataURL();
|
||||
ctx.getImageData(0, 0, 1, 1);
|
||||
_assert(true, "true"); // okay if there was no exception
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.create</title>
|
||||
<title>Canvas test: security.pattern.create.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.create</h1>
|
||||
<h1>security.pattern.create.cross</h1>
|
||||
<p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.create.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.create.redirect</h1>
|
||||
<p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Creating an unclean pattern does not make the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
canvas.toDataURL();
|
||||
ctx.getImageData(0, 0, 1, 1);
|
||||
_assert(true, "true"); // okay if there was no exception
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.cross</title>
|
||||
<title>Canvas test: security.pattern.cross.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.cross</h1>
|
||||
<h1>security.pattern.cross.cross</h1>
|
||||
<p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.cross.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.cross.redirect</h1>
|
||||
<p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var canvas2 = document.createElement('canvas');
|
||||
canvas2.width = 100;
|
||||
canvas2.height = 50;
|
||||
var ctx2 = canvas2.getContext('2d');
|
||||
var p = ctx2.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
ctx.fillStyle = p;
|
||||
ctx.fillRect(0, 0, 100, 50);
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
canvas2.toDataURL();
|
||||
ctx2.getImageData(0, 0, 1, 1);
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.image.fillStyle</title>
|
||||
<title>Canvas test: security.pattern.image.fillStyle.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.image.fillStyle</h1>
|
||||
<h1>security.pattern.image.fillStyle.cross</h1>
|
||||
<p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.image.fillStyle.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.image.fillStyle.redirect</h1>
|
||||
<p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
ctx.fillStyle = p;
|
||||
ctx.fillStyle = 'red';
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.image.strokeStyle</title>
|
||||
<title>Canvas test: security.pattern.image.strokeStyle.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.image.strokeStyle</h1>
|
||||
<h1>security.pattern.image.strokeStyle.cross</h1>
|
||||
<p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.pattern.image.strokeStyle.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.pattern.image.strokeStyle.redirect</h1>
|
||||
<p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
|
||||
ctx.strokeStyle = p;
|
||||
ctx.strokeStyle = 'red';
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
|
|
@ -1,13 +1,13 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.reset</title>
|
||||
<title>Canvas test: security.reset.cross</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.reset</h1>
|
||||
<h1>security.reset.cross</h1>
|
||||
<p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
<!DOCTYPE html>
|
||||
<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
|
||||
<title>Canvas test: security.reset.redirect</title>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/common/canvas-tests.js"></script>
|
||||
<link rel="stylesheet" href="/common/canvas-tests.css">
|
||||
<body class="show_output">
|
||||
|
||||
<h1>security.reset.redirect</h1>
|
||||
<p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>
|
||||
|
||||
|
||||
<p class="output">Actual output:</p>
|
||||
<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
|
||||
|
||||
<ul id="d"></ul>
|
||||
<script>
|
||||
var t = async_test("Resetting the canvas state does not reset the origin-clean flag");
|
||||
_addTest(function(canvas, ctx) {
|
||||
|
||||
canvas.width = 50;
|
||||
ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
canvas.width = 100;
|
||||
assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
|
||||
|
||||
|
||||
});
|
||||
</script>
|
||||
<script src="/common/get-host-info.sub.js"></script>
|
||||
<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue