Add m-esr52 at 52.6.0

1 files changed, 100 insertions, 0 deletions

diff --git a/dom/security/test/general/test_block_script_wrong_mime.html b/dom/security/test/general/test_block_script_wrong_mime.html
new file mode 100644
index 000000000..f4da9c577
--- /dev/null
+++ b/dom/security/test/general/test_block_script_wrong_mime.html
@@ -0,0 +1,100 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1288361 - Block scripts with incorrect MIME type</title>
+  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+
+<script class="testbody" type="text/javascript">
+
+const MIMETypes = [
+  ["application/javascript", true],
+  ["text/javascript", true],
+
+  ["audio/mpeg", false],
+  ["audio/", false],
+  ["image/jpeg", false],
+  ["image/", false],
+  ["video/mpeg", false],
+  ["video/", false],
+  ["text/csv", false],
+];
+
+// <script src="">
+function testScript([mime, shouldLoad]) {
+  return new Promise((resolve, reject) => {
+    let script = document.createElement("script");
+    script.onload = () => {
+      document.body.removeChild(script);
+      ok(shouldLoad, `script with mime '${mime}' should load`);
+      resolve();
+    };
+    script.onerror = () => {
+      document.body.removeChild(script);
+      ok(!shouldLoad, `script with wrong mime '${mime}' should be blocked`);
+      resolve();
+    };
+    script.src = "file_block_script_wrong_mime_server.sjs?type=script&mime="+mime;
+    document.body.appendChild(script);
+  });
+}
+
+// new Worker()
+function testWorker([mime, shouldLoad]) {
+  return new Promise((resolve, reject) => {
+    let worker = new Worker("file_block_script_wrong_mime_server.sjs?type=worker&mime="+mime);
+    worker.onmessage = (event) => {
+      ok(shouldLoad, `worker with mime '${mime}' should load`)
+      is(event.data, "worker-loaded", "worker should send correct message");
+      resolve();
+    };
+    worker.onerror = (error) => {
+      ok(!shouldLoad, `worker with wrong mime '${mime}' should be blocked`);
+      let msg = error.message;
+      ok(msg.match(/^NetworkError/) || msg.match(/Failed to load worker script/),
+         "should gets correct error message");
+      error.preventDefault();
+      resolve();
+    }
+    worker.postMessage("dummy");
+  });
+}
+
+// new Worker() with importScripts()
+function testWorkerImportScripts([mime, shouldLoad]) {
+  return new Promise((resolve, reject) => {
+    let worker = new Worker("file_block_script_wrong_mime_server.sjs?type=worker-import&mime="+mime);
+    worker.onmessage = (event) => {
+      ok(shouldLoad, `worker/importScripts with mime '${mime}' should load`)
+      is(event.data, "worker-loaded", "worker should send correct message");
+      resolve();
+    };
+    worker.onerror = (error) => {
+      ok(!shouldLoad, `worker/importScripts with wrong mime '${mime}' should be blocked`);
+      let msg = error.message;
+      ok(msg.match(/^NetworkError/) || msg.match(/Failed to load worker script/),
+         "should gets correct error message");
+      error.preventDefault();
+      resolve();
+    }
+    worker.postMessage("dummy");
+  });
+}
+
+SimpleTest.waitForExplicitFinish();
+SpecialPowers.pushPrefEnv({set: [["security.block_script_with_wrong_mime", true]]}, function() {
+  Promise.all(MIMETypes.map(testScript)).then(() => {
+    return Promise.all(MIMETypes.map(testWorker));
+  }).then(() => {
+    return Promise.all(MIMETypes.map(testWorkerImportScripts));
+  }).then(() => {
+    SpecialPowers.popPrefEnv(SimpleTest.finish);
+  });
+});
+
+</script>
+</body>
+</html>