From 5f8de423f190bbb79a62f804151bc24824fa32d8 Mon Sep 17 00:00:00 2001 From: "Matt A. Tobin" Date: Fri, 2 Feb 2018 04:16:08 -0500 Subject: Add m-esr52 at 52.6.0 --- .../blink-contrib/resources/alert-fail.html | 4 ++++ .../blink-contrib/resources/alert-pass.html | 4 ++++ .../blink-contrib/resources/blue.css | 3 +++ .../resources/document-write-alert-fail.js | 1 + .../resources/generate-csp-report.html | 7 +++++++ .../blink-contrib/resources/go-to-echo-report.js | 12 +++++++++++ .../blink-contrib/resources/inject-image.js | 4 ++++ .../blink-contrib/resources/inject-script.js | 5 +++++ .../blink-contrib/resources/inject-style.js | 5 +++++ .../blink-contrib/resources/post-message.js | 1 + .../blink-contrib/resources/postmessage-fail.html | 4 ++++ .../blink-contrib/resources/postmessage-pass.html | 4 ++++ .../blink-contrib/resources/script.js | 2 ++ .../resources/set-cookie.js.sub.headers | 1 + .../shared-worker-make-xhr-allowed.sub.js | 23 ++++++++++++++++++++++ .../shared-worker-make-xhr-blocked.sub.js | 23 ++++++++++++++++++++++ ...ared-worker-make-xhr-blocked.sub.js.sub.headers | 1 + .../blink-contrib/resources/simple-event-stream | 1 + .../resources/simple-event-stream.headers | 1 + .../blink-contrib/resources/track.vtt | 1 + .../blink-contrib/resources/worker-eval.js | 5 +++++ .../resources/worker-eval.js.sub.headers | 1 + .../resources/worker-function-function.js | 7 +++++++ .../worker-function-function.js.sub.headers | 1 + .../resources/worker-importscripts.js | 6 ++++++ .../resources/worker-importscripts.js.sub.headers | 1 + .../resources/worker-make-xhr-blocked.sub.js | 21 ++++++++++++++++++++ .../worker-make-xhr-blocked.sub.js.sub.headers | 1 + .../blink-contrib/resources/worker-make-xhr.sub.js | 21 ++++++++++++++++++++ .../blink-contrib/resources/worker-set-timeout.js | 5 +++++ .../resources/worker-set-timeout.js.sub.headers | 1 + 31 files changed, 177 insertions(+) create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js create mode 100644 testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers (limited to 'testing/web-platform/tests/content-security-policy/blink-contrib/resources') diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html new file mode 100644 index 000000000..c0fb8173d --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-fail.html @@ -0,0 +1,4 @@ + diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html new file mode 100644 index 000000000..50e753d0d --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/alert-pass.html @@ -0,0 +1,4 @@ + diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css new file mode 100644 index 000000000..54aeecc12 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/blue.css @@ -0,0 +1,3 @@ +.target { + background-color: blue; +} diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js new file mode 100644 index 000000000..5e78ca0da --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/document-write-alert-fail.js @@ -0,0 +1 @@ +document.write(""); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html new file mode 100644 index 000000000..887f44f48 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/generate-csp-report.html @@ -0,0 +1,7 @@ + + + diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js new file mode 100644 index 000000000..e220f2a47 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/go-to-echo-report.js @@ -0,0 +1,12 @@ +if (window.testRunner) { + testRunner.dumpAsText(); + testRunner.waitUntilDone(); +} + +window.onload = function() { + var test = window.location.pathname.replace(/^.+\//, ''); + var match = window.location.search.match(/^\?test=([^&]+)/); + if (match) + test = match[1]; + window.location = "/security/contentSecurityPolicy/resources/echo-report.php?test=" + test; +} diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js new file mode 100644 index 000000000..1e1f93b39 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-image.js @@ -0,0 +1,4 @@ +// This script block will trigger a violation report. +var i = document.createElement('img'); +i.src = '/security/resources/abe.png'; +document.body.appendChild(i); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js new file mode 100644 index 000000000..155371985 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-script.js @@ -0,0 +1,5 @@ +document.write(""); + +var s = document.createElement('script'); +s.textContent = "alert_assert('Pass 2 of 2');"; +document.body.appendChild(s); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js new file mode 100644 index 000000000..532645a45 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/inject-style.js @@ -0,0 +1,5 @@ +document.write(""); + +var s = document.createElement('style'); +s.textContent = "#test2 { display: none; }"; +document.body.appendChild(s); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js new file mode 100644 index 000000000..69daa31d2 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/post-message.js @@ -0,0 +1 @@ +postMessage("importScripts allowed"); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html new file mode 100644 index 000000000..a0308ad98 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-fail.html @@ -0,0 +1,4 @@ + diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html new file mode 100644 index 000000000..700167b5d --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/postmessage-pass.html @@ -0,0 +1,4 @@ + diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js new file mode 100644 index 000000000..54eaf530c --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/script.js @@ -0,0 +1,2 @@ +var result = document.getElementById("result"); +result.firstChild.nodeValue = result.attributes.getNamedItem("text").value; diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers new file mode 100644 index 000000000..1d5fbba17 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/set-cookie.js.sub.headers @@ -0,0 +1 @@ +Set-Cookie: report-cookie=true \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js new file mode 100644 index 000000000..28937d05d --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-allowed.sub.js @@ -0,0 +1,23 @@ +onconnect = function (event) { + var port = event.ports[0]; + var xhr = new XMLHttpRequest; + xhr.onerror = function () { + port.postMessage("xhr blocked"); + port.postMessage("TEST COMPLETE"); + }; + xhr.onload = function () { + if (xhr.responseText == "FAIL") { + port.postMessage("xhr allowed"); + } else { + port.postMessage("xhr blocked"); + } + port.postMessage("TEST COMPLETE"); + }; + try { + xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true); + xhr.send(); + } catch (e) { + port.postMessage("xhr blocked"); + port.postMessage("TEST COMPLETE"); + } +} \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js new file mode 100644 index 000000000..28937d05d --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js @@ -0,0 +1,23 @@ +onconnect = function (event) { + var port = event.ports[0]; + var xhr = new XMLHttpRequest; + xhr.onerror = function () { + port.postMessage("xhr blocked"); + port.postMessage("TEST COMPLETE"); + }; + xhr.onload = function () { + if (xhr.responseText == "FAIL") { + port.postMessage("xhr allowed"); + } else { + port.postMessage("xhr blocked"); + } + port.postMessage("TEST COMPLETE"); + }; + try { + xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true); + xhr.send(); + } catch (e) { + port.postMessage("xhr blocked"); + port.postMessage("TEST COMPLETE"); + } +} \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers new file mode 100644 index 000000000..ac7368c32 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/shared-worker-make-xhr-blocked.sub.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: connect-src 'none' \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream new file mode 100644 index 000000000..e467657bc --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream @@ -0,0 +1 @@ +data: hello diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers new file mode 100644 index 000000000..9bb8badca --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/simple-event-stream.headers @@ -0,0 +1 @@ +Content-Type: text/event-stream diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt new file mode 100644 index 000000000..365e9ae15 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/track.vtt @@ -0,0 +1 @@ +Subtitles! diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js new file mode 100644 index 000000000..9aa87129a --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js @@ -0,0 +1,5 @@ +var id = 0; +try { + id = eval("1 + 2 + 3"); +} catch (e) {} +postMessage(id === 0 ? "eval blocked" : "eval allowed"); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers new file mode 100644 index 000000000..afdcc7c01 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-eval.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: script-src 'unsafe-inline' diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js new file mode 100644 index 000000000..03d9bf4cb --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js @@ -0,0 +1,7 @@ +var fn = function() { + postMessage('Function() function blocked'); +} +try { + fn = new Function("", "postMessage('Function() function allowed');"); +} catch (e) {} +fn(); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers new file mode 100644 index 000000000..afdcc7c01 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-function-function.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: script-src 'unsafe-inline' diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js new file mode 100644 index 000000000..65ec6f446 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js @@ -0,0 +1,6 @@ +try { + importScripts("/content-security-policy/blink-contrib/resources/post-message.js"); + postMessage("importScripts allowed"); +} catch (e) { + postMessage("importScripts blocked"); +} diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers new file mode 100644 index 000000000..57616b1fc --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-importscripts.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: script-src 'none' diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js new file mode 100644 index 000000000..22819d57a --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js @@ -0,0 +1,21 @@ +var xhr = new XMLHttpRequest; +xhr.onerror = function () { + postMessage("xhr blocked"); + postMessage("TEST COMPLETE"); +}; +xhr.onload = function () { + //cons/**/ole.log(xhr.responseText); + if (xhr.responseText == "FAIL") { + postMessage("xhr allowed"); + } else { + postMessage("xhr blocked"); + } + postMessage("TEST COMPLETE"); +}; +try { + xhr.open("GET", "/common/redirect.py?location=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true); + xhr.send(); +} catch (e) { + postMessage("xhr blocked"); + postMessage("TEST COMPLETE"); +} \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers new file mode 100644 index 000000000..ac7368c32 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr-blocked.sub.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: connect-src 'none' \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js new file mode 100644 index 000000000..73359a39e --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-make-xhr.sub.js @@ -0,0 +1,21 @@ +var xhr = new XMLHttpRequest; +xhr.onerror = function () { + postMessage("xhr blocked"); + postMessage("TEST COMPLETE"); +}; +xhr.onload = function () { + //cons/**/ole.log(xhr.responseText); + if (xhr.responseText == "FAIL") { + postMessage("xhr allowed"); + } else { + postMessage("xhr blocked"); + } + postMessage("TEST COMPLETE"); +}; +try { + xhr.open("GET", "/common/redirect.py?location=http://{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis", true); + xhr.send(); +} catch (e) { + postMessage("xhr blocked"); + postMessage("TEST COMPLETE"); +} \ No newline at end of file diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js new file mode 100644 index 000000000..a16827edd --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js @@ -0,0 +1,5 @@ +var id = 0; +try { + id = setTimeout("postMessage('handler invoked')", 100); +} catch (e) {} +postMessage(id === 0 ? "setTimeout blocked" : "setTimeout allowed"); diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers new file mode 100644 index 000000000..57616b1fc --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/blink-contrib/resources/worker-set-timeout.js.sub.headers @@ -0,0 +1 @@ +Content-Security-Policy: script-src 'none' -- cgit v1.2.3