Update web-platform-tests to revision 4a5223502fa660ce03e470af6a61c8bc26c5a8ee

tests/wpt/web-platform-tests/content-security-policy/embedded-enforcement/support/testharness-helper.sub.js

@@ -118,7 +118,7 @@ function assert_iframe_with_csp(t, url, csp, shouldBlock, urlId, blockedURI) {
     window.onmessage = function (e) {
       if (e.source != i.contentWindow)
           return;
-      t.unreached_func('No message should be sent from the frame.');
+      t.assert_unreached('No message should be sent from the frame.');
     }
     i.onload = t.step_func(function () {
       // Delay the check until after the postMessage has a chance to execute.
@@ -138,12 +138,18 @@ function assert_iframe_with_csp(t, url, csp, shouldBlock, urlId, blockedURI) {
       t.done();
     }));
   } else {
-    // Assert iframe loads.
+    // Assert iframe loads.  Wait for both the load event and the postMessage.
+    window.addEventListener('message', t.step_func(e => {
+      if (e.source != i.contentWindow)
+        return;
+      assert_true(loaded[urlId]);
+      if (i.onloadReceived)
+        t.done();
+    }));
     i.onload = t.step_func(function () {
-      // Delay the check until after the postMessage has a chance to execute.
-      setTimeout(t.step_func_done(function () {
-        assert_true(loaded[urlId]);
-      }), 1);
+      if (loaded[urlId])
+        t.done();
+      i.onloadReceived = true;
     });
   }
   document.body.appendChild(i);

tests/wpt/web-platform-tests/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html

@@ -19,10 +19,7 @@
             var i = document.createElement('iframe');
             i.src = "support/frame-ancestors-and-x-frame-options.sub.html?policy=other-origin.com&xfo=SAMEORIGIN";
             i.onload = t.step_func_done(function () {
-                assert_throws(
-                    "SecurityError",
-                    function () { i.contentDocument.origin },
-                    "The same-origin page was blocked and sandboxed.");
+                assert_equals(i.contentDocument, null);
             });
             document.body.appendChild(i);
         }, "A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.");

tests/wpt/web-platform-tests/content-security-policy/navigate-to/child-navigates-parent-allowed.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -15,4 +16,4 @@
 
 <iframe srcdoc="<iframe src='support/navigate_parent.sub.html?csp=navigate-to%20%27self%27'>">
 
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/child-navigates-parent-blocked.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -16,4 +17,4 @@
 
 <iframe srcdoc="<iframe src='support/navigate_parent.sub.html?csp=navigate-to%20%27none%27'>">
 
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-allowed.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -13,4 +14,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20%27self%27&target=post_message_to_frame_owner.html">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-blocked.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -14,4 +15,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20%27none%27&target=post_message_to_frame_owner.html">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-cross-origin-allowed.sub.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -13,4 +14,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20http%3A%2F%2F{{domains[www1]}}:{{ports[http][0]}}&target=http%3A%2F%2F{{domains[www1]}}:{{ports[http][0]}}%2Fcontent-security-policy%2Fnavigate-to%2Fsupport%2Fpost_message_to_frame_owner.html">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-cross-origin-blocked.sub.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -14,4 +15,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20%27self%27&target=http%3A%2F%2F{{domains[www1]}}:{{ports[http][0]}}%2Fcontent-security-policy%2Fnavigate-to%2Fsupport%2Fpost_message_to_frame_owner.html">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-redirected-allowed.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -13,4 +14,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20%27self%27&target=redirect_to_post_message_to_frame_owner.py">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/navigate-to/link-click-redirected-blocked.sub.html

@@ -1,6 +1,7 @@
 <!DOCTYPE html>
 
 <head>
+<meta name="timeout" content="long">
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 </head>
@@ -14,4 +15,4 @@
   });
 </script>
 <iframe src="support/link_click_navigation.sub.html?csp=navigate-to%20{{location[server]}}/content-security-policy/navigate-to/support/redirect_to_post_message_to_frame_owner.py&target=redirect_to_post_message_to_frame_owner.py">
-</body>
+</body>

tests/wpt/web-platform-tests/content-security-policy/prefetch-src/prefetch-allowed.html

@@ -1,20 +1,27 @@
 <!DOCTYPE html>
 <html>
 <head>
-  <meta http-equiv="Content-Security-Policy" content="prefetch-src 'self'">
   <script src='/resources/testharness.js'></script>
   <script src='/resources/testharnessreport.js'></script>
   <script src='/content-security-policy/support/testharness-helper.js'></script>
   <script src='/content-security-policy/support/prefetch-helper.js'></script>
   <script>
     async_test(t => {
-      let url = window.origin + '/content-security-policy/support/pass.png';
+      var win = window.open('/content-security-policy/support/' +
+                            'file-prefetch-allowed.html');
+      win.addEventListener('load', function () {
+        // Cache control headers are added,since they are needed 
+        // to enable prefetching.
+        let url = '/content-security-policy/support/pass.png' +
+                                  '?pipe=header(Cache-Control, max-age=604800)';
 
-      let link = document.createElement('link');
-      link.rel = 'prefetch';
-      link.href = url;
-
-      assert_link_prefetches(t, link);
+        // Link element is created on the new opened window.
+        let link = win.document.createElement('link');
+        link.rel = 'prefetch';
+        link.href = url;
+        assert_link_prefetches(t, link);
+        win.close();
+      }, false);
     }, 'Prefetch succeeds when allowed by prefetch-src');
   </script>
 </head>

tests/wpt/web-platform-tests/content-security-policy/securitypolicyviolation/idl.html

@@ -21,9 +21,6 @@
       long           lineNumber;
       long           columnNumber;
   };
-
-  interface Event {
-  };
 </script>
 <script type="text/plain" id="tested">
   [Constructor(DOMString type, optional SecurityPolicyViolationEventInit eventInitDict)]
@@ -42,11 +39,16 @@
   };
 </script>
 <script>
-    var idl_array = new IdlArray();
+  promise_test(async function() {
+    const dom = await fetch('/interfaces/dom.idl').then(r => r.text());
+
+    const idl_array = new IdlArray();
     idl_array.add_untested_idls(document.querySelector('#untested').textContent);
+    idl_array.add_untested_idls(dom, { only: ['Event', 'EventInit'] });
     idl_array.add_idls(document.querySelector('#tested').textContent);
     idl_array.add_objects({
-      SecurityPolicyViolationEvent: ['new SecurityPolicyViolationEvent({})']      
+      SecurityPolicyViolationEvent: ['new SecurityPolicyViolationEvent({})']
     });
     idl_array.test();
+  })
 </script>

tests/wpt/web-platform-tests/content-security-policy/support/file-prefetch-allowed.html

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <!-- CSP directive 'prefetch-src' is not supported via meta tag though -->
+  <meta http-equiv="Content-Security-Policy" content="prefetch-src 'self'">
+</head>
+<body>
+</body>
+</html>