diff options
| author | Moonchild <moonchild@palemoon.org> | 2021-02-25 01:03:57 +0000 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2021-02-25 01:03:57 +0000 |
| commit | ceadffab6b357723981a429e11222daf6cd6dcfb (patch) | |
| tree | 5603053048d6a460f79b22bdf165fb74d32d39b0 /testing/web-platform/tests/subresource-integrity | |
| parent | 14fb2f966e9b54598c451e3cb35b4aa0480dafed (diff) | |
| parent | ad5a13bd501e379517da1a944c104a11d951a3f5 (diff) | |
| download | UXP-RC_20210225.tar UXP-RC_20210225.tar.gz UXP-RC_20210225.tar.lz UXP-RC_20210225.tar.xz UXP-RC_20210225.zip | |
Merge branch 'master' into releaseRC_20210225
Diffstat (limited to 'testing/web-platform/tests/subresource-integrity')
18 files changed, 0 insertions, 704 deletions
diff --git a/testing/web-platform/tests/subresource-integrity/OWNERS b/testing/web-platform/tests/subresource-integrity/OWNERS deleted file mode 100644 index 8f7edaa35..000000000 --- a/testing/web-platform/tests/subresource-integrity/OWNERS +++ /dev/null @@ -1,6 +0,0 @@ -@metromoxie -@fmarier -@jonathanKingston -@mikewest -@hillbrad -@mastahyeti diff --git a/testing/web-platform/tests/subresource-integrity/alternate.css b/testing/web-platform/tests/subresource-integrity/alternate.css deleted file mode 100644 index 0ea6d22ec..000000000 --- a/testing/web-platform/tests/subresource-integrity/alternate.css +++ /dev/null @@ -1 +0,0 @@ -.testdiv{ background-color: red } diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js b/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js deleted file mode 100644 index 8493585f1..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js +++ /dev/null @@ -1 +0,0 @@ -crossorigin_anon_script=true;
\ No newline at end of file diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js.headers b/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js.headers deleted file mode 100644 index cb762eff8..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-script.js.headers +++ /dev/null @@ -1 +0,0 @@ -Access-Control-Allow-Origin: * diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css b/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css deleted file mode 100644 index 3cde4df12..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css +++ /dev/null @@ -1 +0,0 @@ -.testdiv{ background-color: yellow } diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css.headers b/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css.headers deleted file mode 100644 index cb762eff8..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-anon-style.css.headers +++ /dev/null @@ -1 +0,0 @@ -Access-Control-Allow-Origin: * diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js b/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js deleted file mode 100644 index 6f39e25b4..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js +++ /dev/null @@ -1 +0,0 @@ -crossorigin_creds_script=true;
\ No newline at end of file diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js.sub.headers b/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js.sub.headers deleted file mode 100644 index d6af1f0de..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-script.js.sub.headers +++ /dev/null @@ -1,2 +0,0 @@ -Access-Control-Allow-Origin: {{location[scheme]}}://{{domains[]}}{{GET[acao_port]}} -Access-Control-Allow-Credentials: true diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css b/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css deleted file mode 100644 index 3cde4df12..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css +++ /dev/null @@ -1 +0,0 @@ -.testdiv{ background-color: yellow } diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css.sub.headers b/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css.sub.headers deleted file mode 100644 index d6af1f0de..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-creds-style.css.sub.headers +++ /dev/null @@ -1,2 +0,0 @@ -Access-Control-Allow-Origin: {{location[scheme]}}://{{domains[]}}{{GET[acao_port]}} -Access-Control-Allow-Credentials: true diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-script.js b/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-script.js deleted file mode 100644 index dd2f968ef..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-script.js +++ /dev/null @@ -1 +0,0 @@ -crossorigin_ineligible_script=true;
\ No newline at end of file diff --git a/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-style.css b/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-style.css deleted file mode 100644 index 3cde4df12..000000000 --- a/testing/web-platform/tests/subresource-integrity/crossorigin-ineligible-style.css +++ /dev/null @@ -1 +0,0 @@ -.testdiv{ background-color: yellow } diff --git a/testing/web-platform/tests/subresource-integrity/matching-digest.js b/testing/web-platform/tests/subresource-integrity/matching-digest.js deleted file mode 100644 index ec41325e4..000000000 --- a/testing/web-platform/tests/subresource-integrity/matching-digest.js +++ /dev/null @@ -1 +0,0 @@ -matching_digest=true;
\ No newline at end of file diff --git a/testing/web-platform/tests/subresource-integrity/non-matching-digest.js b/testing/web-platform/tests/subresource-integrity/non-matching-digest.js deleted file mode 100644 index 1b4943ee0..000000000 --- a/testing/web-platform/tests/subresource-integrity/non-matching-digest.js +++ /dev/null @@ -1 +0,0 @@ -non_matching_digest=true;
\ No newline at end of file diff --git a/testing/web-platform/tests/subresource-integrity/style.css b/testing/web-platform/tests/subresource-integrity/style.css deleted file mode 100644 index 3cde4df12..000000000 --- a/testing/web-platform/tests/subresource-integrity/style.css +++ /dev/null @@ -1 +0,0 @@ -.testdiv{ background-color: yellow } diff --git a/testing/web-platform/tests/subresource-integrity/subresource-integrity.sub.html b/testing/web-platform/tests/subresource-integrity/subresource-integrity.sub.html deleted file mode 100644 index 89ae018e4..000000000 --- a/testing/web-platform/tests/subresource-integrity/subresource-integrity.sub.html +++ /dev/null @@ -1,573 +0,0 @@ -<!DOCTYPE html> -<meta charset=utf-8> -<title>Subresource Integrity</title> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> - -<div id="log"></div> - -<div id="container"></div> -<script> - // This horrible hack is needed for the 'use-credentials' tests because, on - // response, if port 80 or 443 is the current port, it will not appear to - // the browser as part of the origin string. Since the origin *string* is - // used for CORS access control, instead of the origin itself, if there - // isn't an exact string match, the check will fail. For example, - // "http://example.com" would not match "http://example.com:80", because - // they are not exact string matches, even though the origins are the same. - // - // Thus, we only want the Access-Control-Allow-Origin header to have - // the port if it's not port 80 or 443, since the user agent will elide the - // ports in those cases. - var main_domain = "{{domains[]}}"; - var www_domain = "{{domains[www]}}"; - var default_port = "{{ports[http][0]}}"; - if (location.protocol === "https:") { - default_port = "{{ports[https][0]}}"; - } - - var port_string = ""; - if (default_port !== "80" && default_port !== "443") - port_string = ":" + default_port; - - www_host_and_port = www_domain + port_string; - - // <script> tests - var xorigin_anon_script = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-anon-script.js'; - - var xorigin_creds_script = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-creds-script.js?acao_port=' - + port_string; - - var xorigin_ineligible_script = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-ineligible-script.js'; - - var SRIScriptTest = function(pass, name, src, integrityValue, crossoriginValue) { - this.pass = pass; - this.name = "Script: " + name; - this.src = src; - this.integrityValue = integrityValue; - this.crossoriginValue = crossoriginValue; - } - - SRIScriptTest.prototype.execute = function() { - var test = async_test(this.name); - var e = document.createElement("script"); - e.src = this.src; - e.setAttribute("integrity", this.integrityValue); - if(this.crossoriginValue) { - e.setAttribute("crossorigin", this.crossoriginValue); - } - if(this.pass) { - e.addEventListener("load", function() {test.done()}); - e.addEventListener("error", function() { - test.step(function(){ assert_unreached("Good load fired error handler.") }) - }); - } else { - e.addEventListener("load", function() { - test.step(function() { assert_unreached("Bad load succeeded.") }) - }); - e.addEventListener("error", function() {test.done()}); - } - document.body.appendChild(e); - }; - - // Note that all of these style URLs have query parameters started, so any - // additional parameters should be appended starting with '&'. - var xorigin_anon_style = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-anon-style.css?'; - - var xorigin_creds_style = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-creds-style.css?acao_port=' - + port_string; - - var xorigin_ineligible_style = location.protocol - + '//' + www_host_and_port - + '/subresource-integrity/crossorigin-ineligible-style.css?'; - - // <link> tests - // Style tests must be done synchronously because they rely on the presence - // and absence of global style, which can affect later tests. Thus, instead - // of executing them one at a time, the style tests are implemented as a - // queue that builds up a list of tests, and then executes them one at a - // time. - var SRIStyleTest = function(queue, pass, name, attrs, customCallback, altPassValue) { - this.pass = pass; - this.name = "Style: " + name; - this.customCallback = customCallback || function () {}; - this.attrs = attrs || {}; - this.passValue = altPassValue || "rgb(255, 255, 0)"; - - this.test = async_test(this.name); - - this.queue = queue; - this.queue.push(this); - } - - SRIStyleTest.prototype.execute = function() { - var that = this; - var container = document.getElementById("container"); - while (container.hasChildNodes()) { - container.removeChild(container.firstChild); - } - - var test = this.test; - - var div = document.createElement("div"); - div.className = "testdiv"; - var e = document.createElement("link"); - this.attrs.rel = this.attrs.rel || "stylesheet"; - for (var key in this.attrs) { - if (this.attrs.hasOwnProperty(key)) { - e.setAttribute(key, this.attrs[key]); - } - } - - if(this.pass) { - e.addEventListener("load", function() { - test.step(function() { - var background = window.getComputedStyle(div, null).getPropertyValue("background-color"); - assert_equals(background, that.passValue); - test.done(); - }); - }); - e.addEventListener("error", function() { - test.step(function(){ assert_unreached("Good load fired error handler.") }) - }); - } else { - e.addEventListener("load", function() { - test.step(function() { assert_unreached("Bad load succeeded.") }) - }); - e.addEventListener("error", function() { - test.step(function() { - var background = window.getComputedStyle(div, null).getPropertyValue("background-color"); - assert_not_equals(background, that.passValue); - test.done(); - }); - }); - } - container.appendChild(div); - container.appendChild(e); - this.customCallback(e, container); - }; - - var style_tests = []; - style_tests.execute = function() { - if (this.length > 0) { - this.shift().execute(); - } - } - add_result_callback(function(res) { - if (res.name.startsWith("Style: ")) { - style_tests.execute(); - } - }); - - // Script tests - new SRIScriptTest( - true, - "Same-origin with correct sha256 hash.", - "matching-digest.js", - "sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E=" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with correct sha384 hash.", - "matching-digest.js", - "sha384-BDRTPSywZFyxfLEAzaLcL4FfERBgJgXfEkuT0r04LG93Yqn1PWNYPZMomaqEfE3H" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with correct sha512 hash.", - "matching-digest.js", - "sha512-geByvIIRspbnUnwooKGNNCb39nvg+EW0O9hDScTXeo/9pVZztLSUYU3LNV6H0lZapo8bCJUpyPPLAzE9fDzpxg==" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with empty integrity.", - "matching-digest.js", - "" - ).execute(); - - new SRIScriptTest( - false, - "Same-origin with incorrect hash.", - "non-matching-digest.js", - "sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with multiple sha256 hashes, including correct.", - "matching-digest.js", - "sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E= sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with multiple sha256 hashes, including unknown algorithm.", - "matching-digest.js", - "sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E= foo666-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with sha256 mismatch, sha512 match", - "matching-digest.js", - "sha512-geByvIIRspbnUnwooKGNNCb39nvg+EW0O9hDScTXeo/9pVZztLSUYU3LNV6H0lZapo8bCJUpyPPLAzE9fDzpxg== sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - ).execute(); - - new SRIScriptTest( - false, - "Same-origin with sha256 match, sha512 mismatch", - "matching-digest.js", - "sha512-deadbeefspbnUnwooKGNNCb39nvg+EW0O9hDScTXeo/9pVZztLSUYU3LNV6H0lZapo8bCJUpyPPLAzE9fDzpxg== sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E=" - ).execute(); - - new SRIScriptTest( - true, - "<crossorigin='anonymous'> with correct hash, ACAO: *", - xorigin_anon_script, - "sha256-51AjITq701Y0yKSx3/UoIKtIY2UQ9+H8WGyyMuOWOC0=", - "anonymous" - ).execute(); - - new SRIScriptTest( - false, - "<crossorigin='anonymous'> with incorrect hash, ACAO: *", - xorigin_anon_script, - "sha256-deadbeefcSLlbFZCj1OACLxTxVck2TOrBTEdUbwz1yU=", - "anonymous" - ).execute(); - - new SRIScriptTest( - true, - "<crossorigin='use-credentials'> with correct hash, CORS-eligible", - xorigin_creds_script, - "sha256-IaGApVboXPQxVSm2wVFmhMq1Yu37gWklajgMdxKLIvc=", - "use-credentials" - ).execute(); - - new SRIScriptTest( - false, - "<crossorigin='use-credentials'> with incorrect hash CORS-eligible", - xorigin_creds_script, - "sha256-deadbeef2S+pTRZgiw3DWrhC6JLDlt2zRyGpwH7unU8=", - "use-credentials" - ).execute(); - - new SRIScriptTest( - false, - "<crossorigin='anonymous'> with CORS-ineligible resource", - xorigin_ineligible_script, - "sha256-F5fXKTX7SiWjtgybxiBZIo2qhh2WiQnNx372E60XrOo=", - "anonymous" - ).execute(); - - new SRIScriptTest( - false, - "Cross-origin, not CORS request, with correct hash", - xorigin_anon_script, - "sha256-51AjITq701Y0yKSx3/UoIKtIY2UQ9+H8WGyyMuOWOC0=" - ).execute(); - - new SRIScriptTest( - false, - "Cross-origin, not CORS request, with hash mismatch", - xorigin_anon_script, - "sha256-deadbeef01Y0yKSx3/UoIKtIY2UQ9+H8WGyyMuOWOC0=" - ).execute(); - - new SRIScriptTest( - true, - "Cross-origin, empty integrity", - xorigin_anon_script, - "" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with correct hash, options.", - "matching-digest.js", - "sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E=?foo=bar?spam=eggs" - ).execute(); - - new SRIScriptTest( - true, - "Same-origin with unknown algorithm only.", - "matching-digest.js", - "foo666-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E=" - ).execute(); - - // Style tests - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha256 hash", - { - href: "style.css?1", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha384 hash", - { - href: "style.css?2", - integrity: "sha384-wDAWxH4tOWBwAwHfBn9B7XuNmFxHTMeigAMwn0iVQ0zq3FtmYMLxihcGnU64CwcX" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha512 hash", - { - href: "style.css?3", - integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w==" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with empty integrity", - { - href: "style.css?4", - integrity: "" - } - ); - - new SRIStyleTest( - style_tests, - false, - "Same-origin with incorrect hash.", - { - href: "style.css?5", - integrity: "sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with multiple sha256 hashes, including correct.", - { - href: "style.css?6", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4= sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with multiple sha256 hashes, including unknown algorithm.", - { - href: "style.css?7", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4= foo666-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with sha256 mismatch, sha512 match", - { - href: "style.css?8", - integrity: "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w== sha256-deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdead" - } - ); - - new SRIStyleTest( - style_tests, - false, - "Same-origin with sha256 match, sha512 mismatch", - { - href: "style.css?9", - integrity: "sha512-deadbeef9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2== sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=" - } - ); - - new SRIStyleTest( - style_tests, - true, - "<crossorigin='anonymous'> with correct hash, ACAO: *", - { - href: xorigin_anon_style + '&1', - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", - crossorigin: "anonymous" - } - ); - - new SRIStyleTest( - style_tests, - false, - "<crossorigin='anonymous'> with incorrect hash, ACAO: *", - { - href: xorigin_anon_style + '&2', - integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=", - crossorigin: "anonymous" - } - ); - - new SRIStyleTest( - style_tests, - true, - "<crossorigin='use-credentials'> with correct hash, CORS-eligible", - { - href: xorigin_creds_style + '&1', - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", - crossorigin: "use-credentials" - } - ); - - new SRIStyleTest( - style_tests, - false, - "<crossorigin='use-credentials'> with incorrect hash CORS-eligible", - { - href: xorigin_creds_style + '&2', - integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=", - crossorigin: "use-credentials" - } - ); - - new SRIStyleTest( - style_tests, - false, - "<crossorigin='anonymous'> with CORS-ineligible resource", - { - href: xorigin_ineligible_style + '&1', - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", - crossorigin: "anonymous" - } - ); - - new SRIStyleTest( - style_tests, - false, - "Cross-origin, not CORS request, with correct hash", - { - href: xorigin_anon_style + '&3', - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=" - } - ); - - new SRIStyleTest( - style_tests, - false, - "Cross-origin, not CORS request, with hash mismatch", - { - href: xorigin_anon_style + '&4', - integrity: "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk=" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Cross-origin, empty integrity", - { - href: xorigin_anon_style + '&5', - integrity: "" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct hash, options.", - { - href: "style.css?10", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo=bar?spam=eggs" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with unknown algorithm only.", - { - href: "style.css?11", - integrity: "foo666-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=?foo=bar?spam=eggs" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha256 hash, rel='stylesheet license'", - { - href: "style.css?12", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", - rel: "stylesheet license" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha256 hash, rel='license stylesheet'", - { - href: "style.css?13", - integrity: "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4=", - rel: "license stylesheet" - } - ); - - new SRIStyleTest( - style_tests, - true, - "Same-origin with correct sha256 and sha512 hash, rel='alternate stylesheet' enabled", - { - href: "alternate.css?1", - title: "alt", - type: "text/css", - class: "alternate", - disabled: "disabled", - rel: "alternate stylesheet", - integrity: "sha256-phbz83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512-8OYEB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK2Oceig==", - }, - function (link, container) { - var alternate = document.querySelector('link.alternate'); - alternate.disabled = false; - }, - "rgb(255, 0, 0)" - ); - - new SRIStyleTest( - style_tests, - false, - "Same-origin with incorrect sha256 and sha512 hash, rel='alternate stylesheet' enabled", - { - href: "alternate.css?2", - title: "alt", - type: "text/css", - class: "alternate", - disabled: "disabled", - rel: "alternate stylesheet", - integrity: "sha256-fail83bWhnLig+d2VPKrRrTRyhqoDRo1ruGqZLZ0= sha512-failB7ktnzcb6h+kB9CUIuc8qvKIyLpygRJdQSEEycRy74dUsB+Yu9rSjpOPjRUblle8WWX9Gn7v39LK2Oceig==", - }, - function (link, container) { - var alternate = document.querySelector('link.alternate'); - alternate.disabled = false; - } - ); - - style_tests.execute(); - -</script> -<!-- TODO check cache-poisoned resources, transfer-encoding, 3xx redirect - to resource with matching hash, and cross-origin leakage test as in sec5.3. - --> diff --git a/testing/web-platform/tests/subresource-integrity/tools/generate_javascript.py b/testing/web-platform/tests/subresource-integrity/tools/generate_javascript.py deleted file mode 100644 index 184a39451..000000000 --- a/testing/web-platform/tests/subresource-integrity/tools/generate_javascript.py +++ /dev/null @@ -1,52 +0,0 @@ -from os import path, listdir -from hashlib import sha512, sha256, md5 -from base64 import b64encode -import re - -JS_DIR = path.normpath(path.join(__file__, "..", "..")) - -''' -Yield each file in the javascript directory -''' -def js_files(): - for f in listdir(JS_DIR): - if path.isfile(f) and f.endswith(".js"): - yield f - -''' -URL-safe base64 encode a binary digest and strip any padding. -''' -def format_digest(digest): - return b64encode(digest) - -''' -Generate an encoded sha512 URI. -''' -def sha512_uri(content): - return "sha512-%s" % format_digest(sha512(content).digest()) - -''' -Generate an encoded sha256 URI. -''' -def sha256_uri(content): - return "sha256-%s" % format_digest(sha256(content).digest()) - -''' -Generate an encoded md5 digest URI. -''' -def md5_uri(content): - return "md5-%s" % format_digest(md5(content).digest()) - -def main(): - for file in js_files(): - print "Generating content for %s" % file - base = path.splitext(path.basename(file))[0] - var_name = re.sub(r"[^a-z0-9]", "_", base) - content = "%s=true;" % var_name - with open(file, "w") as f: f.write(content) - print "\tSHA512 integrity: %s" % sha512_uri(content) - print "\tSHA256 integrity: %s" % sha256_uri(content) - print "\tMD5 integrity: %s" % md5_uri(content) - -if __name__ == "__main__": - main() diff --git a/testing/web-platform/tests/subresource-integrity/tools/list_hashes.py b/testing/web-platform/tests/subresource-integrity/tools/list_hashes.py deleted file mode 100644 index 5e3830ab6..000000000 --- a/testing/web-platform/tests/subresource-integrity/tools/list_hashes.py +++ /dev/null @@ -1,57 +0,0 @@ -from os import path, listdir -from hashlib import sha512, sha384, sha256, md5 -from base64 import b64encode -import re - -DIR = path.normpath(path.join(__file__, "..", "..")) - -''' -Yield each javascript and css file in the directory -''' -def js_and_css_files(): - for f in listdir(DIR): - if path.isfile(f) and (f.endswith(".js") or f.endswith(".css")): - yield f - -''' -URL-safe base64 encode a binary digest and strip any padding. -''' -def format_digest(digest): - return b64encode(digest) - -''' -Generate an encoded sha512 URI. -''' -def sha512_uri(content): - return "sha512-%s" % format_digest(sha512(content).digest()) - -''' -Generate an encoded sha384 URI. -''' -def sha384_uri(content): - return "sha384-%s" % format_digest(sha384(content).digest()) - -''' -Generate an encoded sha256 URI. -''' -def sha256_uri(content): - return "sha256-%s" % format_digest(sha256(content).digest()) - -''' -Generate an encoded md5 digest URI. -''' -def md5_uri(content): - return "md5-%s" % format_digest(md5(content).digest()) - -def main(): - for file in js_and_css_files(): - print "Listing hash values for %s" % file - with open(file, "r") as content_file: - content = content_file.read() - print "\tSHA512 integrity: %s" % sha512_uri(content) - print "\tSHA384 integrity: %s" % sha384_uri(content) - print "\tSHA256 integrity: %s" % sha256_uri(content) - print "\tMD5 integrity: %s" % md5_uri(content) - -if __name__ == "__main__": - main() |