diff options
Diffstat (limited to 'dom/base/test/test_bug704320_policyset.html')
-rw-r--r-- | dom/base/test/test_bug704320_policyset.html | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/dom/base/test/test_bug704320_policyset.html b/dom/base/test/test_bug704320_policyset.html new file mode 100644 index 000000000..8188a9480 --- /dev/null +++ b/dom/base/test/test_bug704320_policyset.html @@ -0,0 +1,104 @@ +<!DOCTYPE HTML> +<html> +<!-- +This checks if the right policies are applied from a given string (including whitespace, invalid policy strings, etc). It doesn't do a complete check for all load types; that's done in another test. +https://bugzilla.mozilla.org/show_bug.cgi?id=704320 +--> + +<head> + <meta charset="utf-8"> + <title>Test policies for Bug 704320</title> + <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> + <script type="application/javascript" src="referrerHelper.js"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> + +<script type="application/javascript;version=1.7"> + +SimpleTest.waitForExplicitFinish(); +var advance = function() { tests.next(); }; + +/** + * This is the main test routine -- serialized by use of a generator. + * It resets the counter, then performs two tests in sequence using + * the same iframe. + */ +var tests = (function() { + var iframe = document.getElementById("testframe"); + const sjs = "/tests/dom/base/test/bug704320.sjs?action=generate-policy-test"; + + + // basic calibration check + // reset the counter + yield resetCounter(); + + // load the first test frame + // it will call back into this function via postMessage when it finishes loading. + // and continue beyond the yield. + yield iframe.src = sjs + "&policy=" + escape('default'); + + // check the first test (two images, no referrers) + yield checkIndividualResults("default", ["full"]); + + // check invalid policy + // According to the spec section Determine token's Policy,if there is a policy + // token and it is not one of the expected tokens, Empty string should be the + // policy used. + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape('invalid-policy'); + yield checkIndividualResults("invalid", ["full"]); + + // whitespace checks. + // according to the spec section 4.1, the content attribute's value + // is fed to the token policy algorithm after stripping leading and + // trailing whitespace. + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape('default '); + yield checkIndividualResults("trailing whitespace", ["full"]); + + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape(' origin\f'); + yield checkIndividualResults("trailing form feed", ["origin"]); + + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape('\f origin'); + yield checkIndividualResults("leading form feed", ["origin"]); + + // origin when cross-origin (trimming whitespace) + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape(' origin-when-cross-origin'); + yield checkIndividualResults("origin-when-cross-origin", ["origin", "full"]); + + // according to the spec section 4.1: + // "If the meta element lacks a content attribute, or if that attribute’s + // value is the empty string, then abort these steps." + // This means empty or missing content attribute means to ignore the meta + // tag and use default policy. + // Whitespace here is space, tab, LF, FF and CR. + // http://www.w3.org/html/wg/drafts/html/CR/infrastructure.html#space-character + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape(' \t '); + yield checkIndividualResults("basic whitespace only policy", ["full"]); + + // and double-check that no-referrer works. + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape('no-referrer'); + yield checkIndividualResults("no-referrer", ["none"]); + + // Case insensitive + yield resetCounter(); + yield iframe.src = sjs + "&policy=" + escape('\f OrigIn'); + yield checkIndividualResults("origin case insensitive", ["origin"]); + + // complete. Be sure to yield so we don't call this twice. + yield SimpleTest.finish(); +})(); + +</script> +</head> + +<body onload="tests.next();"> + <iframe id="testframe"></iframe> + +</body> +</html> + |