Add m-esr52 at 52.6.0

17 files changed, 422 insertions, 0 deletions

diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/deep-allows-none.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/deep-allows-none.sub.html
new file mode 100644
index 000000000..1926007d3
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/deep-allows-none.sub.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>single-frame-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+    
+        function startTest() {
+            window.frames['frame1'].frames['deepframe'].postMessage("hello deep frame", "*");
+        }
+        function done() { alert_assert("PASS"); }
+        setTimeout(done(), 1);
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html?subframe=http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-none.html' name="frame1"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html
new file mode 100644
index 000000000..6b9c91c93
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html
@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html>
+<body>
+    <p>Reporting Frame...</p>
+    <script>
+        function onMessage(event) {
+            var p = document.createElement(p);
+            p.textContent = event.data;
+            document.body.appendChild(p);
+            window.parent.postMessage(event.data, "*");
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false
+        );
+    </script>
+    <iframe src='{{GET[subframe]}}' name="deepframe"></iframe>
+</body>
+</html>
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html.headers b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html.headers
new file mode 100644
index 000000000..f0eb936b3
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Cache-Control: post-check=0, pre-check=0, false
+Pragma: no-cache
+Content-Security-Policy: frame-ancestors 'self'
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html
new file mode 100644
index 000000000..d51e0d532
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html
@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html>
+<body>
+    <p>Reporting Frame...</p>
+    <script>
+        function onMessage(event) {
+            var p = document.createElement(p);
+            p.textContent = event.data;
+            document.body.appendChild(p);
+            window.parent.postMessage(event.data, "*");
+        }
+        window.addEventListener(
+            "message",
+            onMessage,
+            false
+        );
+    </script>
+    <iframe src='{{GET[subframe]}}' name="deepframe"></iframe>
+</body>
+</html>
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html.headers b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html.headers
new file mode 100644
index 000000000..734aa227f
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Cache-Control: post-check=0, pre-check=0, false
+Pragma: no-cache
+Content-Security-Policy: frame-ancestors *
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-meta-ignored.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-meta-ignored.sub.html
new file mode 100644
index 000000000..47bb0244b
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-meta-ignored.sub.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>multiple-frames-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["hello frame1","hello frame2"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        var startTestCtr = 0;
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTestCtr++;
+                if(startTestCtr == 2) {
+                    startTest();
+                }
+            } else {
+                alert_assert(event.data);
+            }
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+
+        function startTest() {
+            window.frames['frame1'].postMessage("hello frame1", "*");
+            window.frames['frame2'].postMessage("hello frame2", "*");
+        }
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+        <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-none-meta.html' name="frame2"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-one-blocked.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-one-blocked.sub.html
new file mode 100644
index 000000000..3857a173c
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-one-blocked.sub.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>multiple-frames-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["hello frame2"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+
+        function startTest() {
+            window.frames['frame1'].postMessage("hello frame1", "*");
+            window.frames['frame2'].postMessage("hello frame2", "*");
+        }
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-none.html' name="frame1"></iframe>
+        <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame2"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-self-allowed.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-self-allowed.sub.html
new file mode 100644
index 000000000..485b6eb0f
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/multiple-frames-self-allowed.sub.html
@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>multiple-frames-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["hello frame1","hello frame2"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        var startTestCtr = 0;
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTestCtr++;
+                if(startTestCtr == 2) {
+                    startTest();
+                }
+            } else {
+                alert_assert(event.data);
+            }
+        }
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+        function startTest() {
+            window.frames['frame1'].postMessage("hello frame1", "*");
+            window.frames['frame2'].postMessage("hello frame2", "*");
+        }
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+        <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame2"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-allowed.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-allowed.sub.html
new file mode 100644
index 000000000..a49049d13
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-allowed.sub.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>single-frame-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["hello deep frame"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+        function startTest() {
+            window.frames['frame1'].frames['deepframe'].postMessage("hello deep frame", "*");
+        }
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html?subframe=http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned-top-is-self.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned-top-is-self.sub.html
new file mode 100644
index 000000000..ced262fd7
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned-top-is-self.sub.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>single-frame-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+        function startTest() {
+            window.frames['frame1'].frames['deepframe'].postMessage("hello deep frame", "*");
+        }
+        function done() { alert_assert("PASS"); }
+        setTimeout(done(), 1);
+    </script>
+</head>
+<body>
+    <iframe src='http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-star.sub.html?subframe=http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned.sub.html
new file mode 100644
index 000000000..e58f0ba8d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/nested-traversing-banned.sub.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>single-frame-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+
+        function startTest() {
+            window.frames['frame1'].frames['deepframe'].postMessage("hello deep frame", "*");
+        }
+        function done() { alert_assert("PASS"); }
+        setTimeout(done(), 1);
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/intermediate-reporting-frame-allows-self.sub.html?subframe=http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+    <div id="log"></div>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none-meta.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none-meta.html
new file mode 100644
index 000000000..c0d079f01
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none-meta.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="frame-ancestors 'none'">
+</head>
+<body>
+    <p>Reporting Frame...</p>
+    <script>
+        function onMessage(event) {
+            var p = document.createElement(p);
+            p.textContent = event.data;
+            document.body.appendChild(p);
+            window.parent.postMessage(event.data, "*");
+        }
+        window.addEventListener(
+            "message",
+            onMessage,
+            false
+        );
+        window.parent.postMessage("start test", "*");
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html
new file mode 100644
index 000000000..e38d99a6c
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+<body>
+    <p>Reporting Frame...</p>
+    <script>
+        function onMessage(event) {
+            var p = document.createElement(p);
+            p.textContent = event.data;
+            document.body.appendChild(p);
+            window.parent.postMessage(event.data, "*");
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false
+        );
+
+        window.parent.postMessage("start test", "*");
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html.headers b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html.headers
new file mode 100644
index 000000000..18bfb8156
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-none.html.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Cache-Control: post-check=0, pre-check=0, false
+Pragma: no-cache
+Content-Security-Policy: frame-ancestors 'none'
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html
new file mode 100644
index 000000000..7c1186e77
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html>
+<body>
+    <p>Reporting Frame...</p>
+    <script>
+        function onMessage(event) {
+            var p = document.createElement(p);
+            p.textContent = event.data;
+            document.body.appendChild(p);
+            window.parent.postMessage(event.data, "*");
+        }
+        
+        window.addEventListener(
+            "message",
+            onMessage,
+            false
+        );
+        
+        window.parent.postMessage("start test", "*");
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html.headers b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html.headers
new file mode 100644
index 000000000..f0eb936b3
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/reporting-frame-allows-self.html.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Cache-Control: post-check=0, pre-check=0, false
+Pragma: no-cache
+Content-Security-Policy: frame-ancestors 'self'
diff --git a/testing/web-platform/tests/content-security-policy/frame-ancestors/single-frame-self-allowed.sub.html b/testing/web-platform/tests/content-security-policy/frame-ancestors/single-frame-self-allowed.sub.html
new file mode 100644
index 000000000..3a9b4552e
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/frame-ancestors/single-frame-self-allowed.sub.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>single-frame-self-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="../support/logTest.sub.js?logs=[]"></script>
+    <script src='../support/alertAssert.sub.js?alerts=["hello frame1"]'></script>
+    <!-- enforcing policy:
+connect-src 'self' 'none'; script-src 'self' 'unsafe-inline'; frame-src 'self';
+-->
+    <script>
+        function onMessage(event) {
+            if(event.data == "start test") {
+                startTest();
+            } else {
+                alert_assert(event.data);
+            }
+        }
+
+        window.addEventListener(
+            "message",
+            onMessage,
+            false);
+
+        function startTest() {
+            window.frames['frame1'].postMessage("hello frame1", "*");
+        }
+    </script>
+</head>
+<body>
+    <iframe src='http://{{host}}:{{ports[http][0]}}/content-security-policy/frame-ancestors/reporting-frame-allows-self.html' name="frame1"></iframe>
+    <div id="log"></div>
+</body>
+</html>