Add m-esr52 at 52.6.0

31 files changed, 177 insertions, 0 deletions

diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html
new file mode 100644
index 000000000..c0fb8173d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html
@@ -0,0 +1,4 @@
+<script>
+    alert('FAIL');
+
+</script>
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html
new file mode 100644
index 000000000..50e753d0d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html
@@ -0,0 +1,4 @@
+<script>
+    alert('PASS');
+
+</script>
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css
new file mode 100644
index 000000000..54aeecc12
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css
@@ -0,0 +1,3 @@
+.target {
+    background-color: blue;
+}
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js
new file mode 100644
index 000000000..5e78ca0da
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js
@@ -0,0 +1 @@
+document.write("<script>test(function () { assert_unreached('FAIL inline script from document.write ran') });</script>");
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html
new file mode 100644
index 000000000..887f44f48
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html
@@ -0,0 +1,7 @@
+<meta http-equiv="Content-Security-Policy" content="script-src 'self'; report-uri save-report.php?test=generate-csp-report.html">
+<script>
+    // This script block will trigger a violation report.
+    alert('FAIL');
+
+</script>
+<script src="go-to-echo-report.js"></script>
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js
new file mode 100644
index 000000000..e220f2a47
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js
@@ -0,0 +1,12 @@
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.waitUntilDone();
+}
+
+window.onload = function() {
+    var test = window.location.pathname.replace(/^.+\//, '');
+    var match = window.location.search.match(/^\?test=([^&]+)/);
+    if (match)
+        test = match[1];
+    window.location = "/security/contentSecurityPolicy/resources/echo-report.php?test=" + test;
+}
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js
new file mode 100644
index 000000000..1e1f93b39
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js
@@ -0,0 +1,4 @@
+// This script block will trigger a violation report.
+var i = document.createElement('img');
+i.src = '/security/resources/abe.png';
+document.body.appendChild(i);
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js
new file mode 100644
index 000000000..155371985
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js
@@ -0,0 +1,5 @@
+document.write("<script>alert_assert('Pass 1 of 2');</script>");
+
+var s = document.createElement('script');
+s.textContent = "alert_assert('Pass 2 of 2');";
+document.body.appendChild(s);
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js
new file mode 100644
index 000000000..532645a45
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js
@@ -0,0 +1,5 @@
+document.write("<style>#test1 { display: none; }</style>");
+
+var s = document.createElement('style');
+s.textContent = "#test2 { display: none; }";
+document.body.appendChild(s);
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js
new file mode 100644
index 000000000..69daa31d2
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js
@@ -0,0 +1 @@
+postMessage("importScripts allowed");
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html
new file mode 100644
index 000000000..a0308ad98
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html
@@ -0,0 +1,4 @@
+<script>
+    window.parent.postMessage('FAIL', '*');
+
+</script>
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html
new file mode 100644
index 000000000..700167b5d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html
@@ -0,0 +1,4 @@
+<script>
+    window.parent.postMessage('PASS', '*');
+
+</script>
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js
new file mode 100644
index 000000000..54eaf530c
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js
@@ -0,0 +1,2 @@
+var result = document.getElementById("result");
+result.firstChild.nodeValue = result.attributes.getNamedItem("text").value;
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers
new file mode 100644
index 000000000..1d5fbba17
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers
@@ -0,0 +1 @@
+Set-Cookie: report-cookie=true
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js
new file mode 100644
index 000000000..28937d05d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js
@@ -0,0 +1,23 @@
+onconnect = function (event) {
+    var port = event.ports[0];
+    var xhr = new XMLHttpRequest;
+    xhr.onerror = function () {
+        port.postMessage("xhr blocked");
+        port.postMessage("TEST COMPLETE");
+    };
+    xhr.onload = function () {
+        if (xhr.responseText == "FAIL") {
+            port.postMessage("xhr allowed");
+        } else {
+            port.postMessage("xhr blocked");
+        }
+        port.postMessage("TEST COMPLETE");
+    };
+    try {
+        xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true);
+        xhr.send();
+    } catch (e) {
+        port.postMessage("xhr blocked");
+        port.postMessage("TEST COMPLETE");
+    }
+}
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js
new file mode 100644
index 000000000..28937d05d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js
@@ -0,0 +1,23 @@
+onconnect = function (event) {
+    var port = event.ports[0];
+    var xhr = new XMLHttpRequest;
+    xhr.onerror = function () {
+        port.postMessage("xhr blocked");
+        port.postMessage("TEST COMPLETE");
+    };
+    xhr.onload = function () {
+        if (xhr.responseText == "FAIL") {
+            port.postMessage("xhr allowed");
+        } else {
+            port.postMessage("xhr blocked");
+        }
+        port.postMessage("TEST COMPLETE");
+    };
+    try {
+        xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true);
+        xhr.send();
+    } catch (e) {
+        port.postMessage("xhr blocked");
+        port.postMessage("TEST COMPLETE");
+    }
+}
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers
new file mode 100644
index 000000000..ac7368c32
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: connect-src 'none'
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream
new file mode 100644
index 000000000..e467657bc
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream
@@ -0,0 +1 @@
+data: hello
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers
new file mode 100644
index 000000000..9bb8badca
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers
@@ -0,0 +1 @@
+Content-Type: text/event-stream
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt
new file mode 100644
index 000000000..365e9ae15
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt
@@ -0,0 +1 @@
+Subtitles!
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js
new file mode 100644
index 000000000..9aa87129a
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js
@@ -0,0 +1,5 @@
+var id = 0;
+try {
+    id = eval("1 + 2 + 3");
+} catch (e) {}
+postMessage(id === 0 ? "eval blocked" : "eval allowed");
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers
new file mode 100644
index 000000000..afdcc7c01
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: script-src 'unsafe-inline'
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js
new file mode 100644
index 000000000..03d9bf4cb
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js
@@ -0,0 +1,7 @@
+var fn = function() {
+    postMessage('Function() function blocked');
+}
+try {
+    fn = new Function("", "postMessage('Function() function allowed');");
+} catch (e) {}
+fn();
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers
new file mode 100644
index 000000000..afdcc7c01
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: script-src 'unsafe-inline'
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js
new file mode 100644
index 000000000..65ec6f446
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js
@@ -0,0 +1,6 @@
+try {
+    importScripts("/content-security-policy/blink-contrib/resources/post-message.js");
+    postMessage("importScripts allowed");
+} catch (e) {
+    postMessage("importScripts blocked");
+}
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers
new file mode 100644
index 000000000..57616b1fc
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: script-src 'none'
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js
new file mode 100644
index 000000000..22819d57a
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js
@@ -0,0 +1,21 @@
+var xhr = new XMLHttpRequest;
+xhr.onerror = function () {
+    postMessage("xhr blocked");
+    postMessage("TEST COMPLETE");
+};
+xhr.onload = function () {
+    //cons/**/ole.log(xhr.responseText);
+    if (xhr.responseText == "FAIL") {
+        postMessage("xhr allowed");
+    } else {
+        postMessage("xhr blocked");
+    }
+    postMessage("TEST COMPLETE");
+};
+try {
+    xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true);
+    xhr.send();
+} catch (e) {
+    postMessage("xhr blocked");
+    postMessage("TEST COMPLETE");
+}
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers
new file mode 100644
index 000000000..ac7368c32
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: connect-src 'none'
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js
new file mode 100644
index 000000000..73359a39e
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js
@@ -0,0 +1,21 @@
+var xhr = new XMLHttpRequest;
+xhr.onerror = function () {
+    postMessage("xhr blocked");
+    postMessage("TEST COMPLETE");
+};
+xhr.onload = function () {
+    //cons/**/ole.log(xhr.responseText);
+    if (xhr.responseText == "FAIL") {
+        postMessage("xhr allowed");
+    } else {
+        postMessage("xhr blocked");
+    }
+    postMessage("TEST COMPLETE");
+};
+try {
+    xhr.open("GET", "/common/redirect.py?location=http://{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true);
+    xhr.send();
+} catch (e) {
+    postMessage("xhr blocked");
+    postMessage("TEST COMPLETE");
+}
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js
new file mode 100644
index 000000000..a16827edd
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js
@@ -0,0 +1,5 @@
+var id = 0;
+try {
+    id = setTimeout("postMessage('handler invoked')", 100);
+} catch (e) {}
+postMessage(id === 0 ? "setTimeout blocked" : "setTimeout allowed");
diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers
new file mode 100644
index 000000000..57616b1fc
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: script-src 'none'