dom/security/test/csp/file_frameancestors_main.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

// Script to populate the test frames in the frame ancestors mochitest.
//
function setupFrames() {

  var $ = function(v) { return document.getElementById(v); }
  var base = {
        self: '/tests/dom/security/test/csp/file_frameancestors.sjs',
        a: 'http://mochi.test:8888/tests/dom/security/test/csp/file_frameancestors.sjs',
        b: 'http://example.com/tests/dom/security/test/csp/file_frameancestors.sjs'
  };

  var host = { a: 'http://mochi.test:8888', b: 'http://example.com:80' };

  var innerframeuri = null;
  var elt = null;

  elt = $('aa_allow');
  elt.src = base.a + "?testid=aa_allow&internalframe=aa_a&csp=" +
            escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");

  elt = $('aa_block');
  elt.src = base.a + "?testid=aa_block&internalframe=aa_b&csp=" +
            escape("default-src 'none'; frame-ancestors 'none'; script-src 'self'");

  elt = $('ab_allow');
  elt.src = base.b + "?testid=ab_allow&internalframe=ab_a&csp=" +
            escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");

  elt = $('ab_block');
  elt.src = base.b + "?testid=ab_block&internalframe=ab_b&csp=" +
            escape("default-src 'none'; frame-ancestors 'none'; script-src 'self'");

   /* .... two-level framing */
  elt = $('aba_allow');
  innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba_a&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.a + " " + host.b + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');

  elt = $('aba_block');
  innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba_b&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');

  elt = $('aba2_block');
  innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba2_b&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.b + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');

  elt = $('abb_allow');
  innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb_a&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.a + " " + host.b + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');

  elt = $('abb_block');
  innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb_b&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');

  elt = $('abb2_block');
  innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb2_b&csp=" +
                  escape("default-src 'none'; frame-ancestors " + host.b + "; script-src 'self'");
  elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
}

window.addEventListener('load', setupFrames, false);