diff options
author | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
---|---|---|
committer | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
commit | 5f8de423f190bbb79a62f804151bc24824fa32d8 (patch) | |
tree | 10027f336435511475e392454359edea8e25895d /dom/security/test/hsts/file_priming-top.html | |
parent | 49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff) | |
download | UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip |
Add m-esr52 at 52.6.0
Diffstat (limited to 'dom/security/test/hsts/file_priming-top.html')
-rw-r--r-- | dom/security/test/hsts/file_priming-top.html | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/dom/security/test/hsts/file_priming-top.html b/dom/security/test/hsts/file_priming-top.html new file mode 100644 index 000000000..b1d1bfa40 --- /dev/null +++ b/dom/security/test/hsts/file_priming-top.html @@ -0,0 +1,84 @@ +<!DOCTYPE HTML> +<html> +<head> + <title>Bug 1246540</title> + <meta http-equiv='content-type' content="text/html;charset=utf-8" /> +</head> +<body> + <p id="display"></p> + <div id="content" style="visibility: hidden"> + </div> + +<script type="text/javascript"> +/* + * Description of the test: + * Attempt to load an insecure resource. If the resource responds to HSTS + * priming with an STS header, the load should continue securely. + * If it does not, the load should continue be blocked or continue insecurely. + */ + +function parse_query_string() { + var q = {}; + document.location.search.substr(1). + split('&').forEach(function (item, idx, ar) { + let [k, v] = item.split('='); + q[k] = unescape(v); + }); + return q; +} + +var args = parse_query_string(); + +var subresources = { + css: { mimetype: 'text/css', file: 'file_stylesheet.css' }, + img: { mimetype: 'image/png', file: 'file_1x1.png' }, + script: { mimetype: 'text/javascript', file: 'file_priming.js' }, +}; + +function handler(ev) { + console.log("HSTS_PRIMING: Blocked "+args.id); +} + +function loadCss(src) { + let head = document.getElementsByTagName("head")[0]; + let link = document.createElement("link"); + link.setAttribute("rel", "stylesheet"); + link.setAttribute("type", subresources[args.type].mimetype); + link.setAttribute("href", src); + head.appendChild(link); +} + +function loadResource(src) { + let content = document.getElementById("content"); + let testElem = document.createElement(args.type); + testElem.setAttribute("id", args.id); + testElem.setAttribute("charset", "UTF-8"); + testElem.onerror = handler; + content.appendChild(testElem); + testElem.src = src; +} + +function loadTest() { + let subresource = subresources[args.type]; + + let src = "http://" + + args.host + + "/browser/dom/security/test/hsts/file_testserver.sjs" + + "?file=" +escape("browser/dom/security/test/hsts/" + subresource.file) + + "&primer=" + escape(args.id) + + "&mimetype=" + escape(subresource.mimetype) + ; + if (args.type == 'css') { + loadCss(src); + return; + } + + loadResource(src); +} + +// start running the tests +loadTest(); + +</script> +</body> +</html> |