diff options
| author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-03-27 15:57:18 +0200 |
|---|---|---|
| committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-03-27 15:57:18 +0200 |
| commit | d990d8ab2cade6c928e8bbe56ae038d020cef599 (patch) | |
| tree | c7561ae0f303cb0d4a7a7507178531b4852e4dea /dom/security/test/csp/test_ignore_xfo.html | |
| parent | 0c36b27511c1fbca594f0426c493ef601fda3e4c (diff) | |
| parent | 8d5ec757ece850fb7ad5c712868f305636e41177 (diff) | |
| download | UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.gz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.lz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.xz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.zip | |
Merge branch 'master' of https://github.com/MoonchildProductions/UXP into js_array_values_1
Diffstat (limited to 'dom/security/test/csp/test_ignore_xfo.html')
| -rw-r--r-- | dom/security/test/csp/test_ignore_xfo.html | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/dom/security/test/csp/test_ignore_xfo.html b/dom/security/test/csp/test_ignore_xfo.html new file mode 100644 index 000000000..fb3aadc6c --- /dev/null +++ b/dom/security/test/csp/test_ignore_xfo.html @@ -0,0 +1,59 @@ +<!DOCTYPE HTML> +<html> +<head> + <title>Bug 1024557: Ignore x-frame-options if CSP with frame-ancestors exists</title> + <!-- Including SimpleTest.js so we can use waitForExplicitFinish !--> + <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> +</head> +<body> +<iframe style="width:100%;" id="csp_testframe"></iframe> +<iframe style="width:100%;" id="csp_ro_testframe"></iframe> + +<script class="testbody" type="text/javascript"> + +/* + * We load two frames using: + * x-frame-options: deny + * where the first frame uses a csp and the second a csp_ro including frame-ancestors. + * We make sure that xfo is ignored for regular csp but not for csp_ro. + */ + +SimpleTest.waitForExplicitFinish(); + +var testcounter = 0; +function checkFinished() { + testcounter++; + if (testcounter < 2) { + return; + } + SimpleTest.finish(); +} + +// 1) test XFO with CSP +var csp_testframe = document.getElementById("csp_testframe"); +csp_testframe.onload = function() { + var msg = csp_testframe.contentWindow.document.getElementById("cspmessage"); + is(msg.innerHTML, "Ignoring XFO because of CSP", "Loading frame with with XFO and CSP"); + checkFinished(); +} +csp_testframe.onerror = function() { + ok(false, "sanity: should not fire onerror for csp_testframe"); +} +csp_testframe.src = "file_ignore_xfo.html"; + +// 2) test XFO with CSP_RO +var csp_ro_testframe = document.getElementById("csp_ro_testframe"); +csp_ro_testframe.onload = function() { + var msg = csp_ro_testframe.contentWindow.document.getElementById("cspmessage"); + is(msg, null, "Blocking frame with with XFO and CSP_RO"); + checkFinished(); +} +csp_ro_testframe.onerror = function() { + ok(false, "sanity: should not fire onerror for csp_ro_testframe"); +} +csp_ro_testframe.src = "file_ro_ignore_xfo.html"; + +</script> +</body> +</html> |