author | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
---|---|---|
committer | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
commit | 5f8de423f190bbb79a62f804151bc24824fa32d8 (patch) | |
tree | 10027f336435511475e392454359edea8e25895d /testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html | |
parent | 49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff) | |
Add m-esr52 at 52.6.0
Diffstat (limited to 'testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html')
-rw-r--r-- | testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html | 294 |
1 files changed, 294 insertions, 0 deletions
diff --git a/testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html b/testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
new file mode 100644
index 000000000..3822971e8
--- /dev/null
+++ b/testing/web-platform/tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html
@@ -0,0 +1,294 @@ +<script src="../resources/get-host-info.sub.js"></script> +<script src="test-helpers.sub.js?pipe=sub"></script> +<script> +var image_path = base_path() + 'fetch-access-control.py?PNGIMAGE'; +var host_info = get_host_info(); +var params = get_query_params(location.href); + +var NOT_TAINTED = 'NOT_TAINTED'; +var TAINTED = 'TAINTED'; +var LOAD_ERROR = 'LOAD_ERROR'; + +function get_query_params(url) { + var search = (new URL(url)).search; + if (!search) { + return {}; + } + var ret = {}; + var params = search.substring(1).split('&'); + params.forEach(function(param) { + var element = param.split('='); + ret[decodeURIComponent(element[0])] = decodeURIComponent(element[1]); + }); + return ret; +} + +function create_test_case_promise(url, cross_origin) { + return new Promise(function(resolve) { + var img = new Image(); + if (cross_origin != '') { + img.crossOrigin = cross_origin; + } + img.onload = function() { + try { + var canvas = document.createElement('canvas'); + canvas.width = 100; + canvas.height = 100; + var context = canvas.getContext('2d'); + context.drawImage(img, 0, 0); + context.getImageData(0, 0, 100, 100); + resolve(NOT_TAINTED); + } catch (e) { + resolve(TAINTED); + } + }; + img.onerror = function() { + resolve(LOAD_ERROR); + } + img.src = url; + }); +} + +function create_test_promise(url, cross_origin, expected_result) { + if (params['cache']) { + url += "&cache"; + } + + return new Promise(function(resolve, reject) { + create_test_case_promise(url, cross_origin) + .then(function(result) { + if (result == expected_result) { + resolve(); + } else { + reject('Result of url:' + url + ' ' + + ' cross_origin: ' + cross_origin + ' must be ' + + expected_result + ' but ' + result); + } + }) + }); +} + +window.addEventListener('message', function(evt) { + var port = evt.ports[0]; + var image_url = host_info['HTTPS_ORIGIN'] + image_path; + var remote_image_url = host_info['HTTPS_REMOTE_ORIGIN'] + image_path; + Promise.all([ + // Reject tests + 
create_test_promise(image_url + '&reject', '', LOAD_ERROR), + create_test_promise(image_url + '&reject', 'anonymous', LOAD_ERROR), + create_test_promise( + image_url + '&reject', 'use-credentials', LOAD_ERROR), + // Fallback tests + create_test_promise( + image_url + '&ignore', + '', + NOT_TAINTED), + create_test_promise( + remote_image_url + '&ignore', + '', + TAINTED), + create_test_promise( + remote_image_url + '&ignore', + 'anonymous', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + + '&ignore', + 'anonymous', + NOT_TAINTED), + create_test_promise( + remote_image_url + '&ignore', + 'use-credentials', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + + '&ignore', + 'use-credentials', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + + '&ACACredentials=true&ignore', + 'use-credentials', + NOT_TAINTED), + + // Credential test (fallback) + create_test_promise( + image_url + '&Auth&ignore', + '', + NOT_TAINTED), + create_test_promise( + remote_image_url + '&Auth&ignore', + '', + TAINTED), + create_test_promise( + remote_image_url + '&Auth&ignore', + 'anonymous', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&Auth&ignore', + 'use-credentials', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + + '&ignore', + 'use-credentials', + LOAD_ERROR), + create_test_promise( + remote_image_url + '&Auth&ACAOrigin=' + host_info['HTTPS_ORIGIN'] + + '&ACACredentials=true&ignore', + 'use-credentials', + NOT_TAINTED), + + // Basic response + create_test_promise( + image_url + + '&mode=same-origin&url=' + encodeURIComponent(image_url), + '', + NOT_TAINTED), + create_test_promise( + image_url + + '&mode=same-origin&url=' + encodeURIComponent(image_url), + 'anonymous', + NOT_TAINTED), + create_test_promise( + image_url + + '&mode=same-origin&url=' + 
encodeURIComponent(image_url), + 'use-credentials', + NOT_TAINTED), + create_test_promise( + remote_image_url + + '&mode=same-origin&url=' + encodeURIComponent(image_url), + '', + TAINTED), + create_test_promise( + remote_image_url + + '&mode=same-origin&url=' + encodeURIComponent(image_url), + 'anonymous', + NOT_TAINTED), + create_test_promise( + remote_image_url + + '&mode=same-origin&url=' + encodeURIComponent(image_url), + 'use-credentials', + NOT_TAINTED), + + // Opaque response + create_test_promise( + image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + '', + TAINTED), + create_test_promise( + image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + 'anonymous', + LOAD_ERROR), + create_test_promise( + image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + 'use-credentials', + LOAD_ERROR), + create_test_promise( + remote_image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + '', + TAINTED), + create_test_promise( + remote_image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + 'anonymous', + LOAD_ERROR), + create_test_promise( + remote_image_url + + '&mode=no-cors&url=' + encodeURIComponent(remote_image_url), + 'use-credentials', + LOAD_ERROR), + + // CORS response + create_test_promise( + image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + '', + LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond + // with an Access-Control-Allow-Credentials header. 
+ create_test_promise( + image_url + + '&mode=cors&credentials=same-origin&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + '', + NOT_TAINTED), + create_test_promise( + image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'anonymous', + NOT_TAINTED), + create_test_promise( + image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'use-credentials', + LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond + // with an Access-Control-Allow-Credentials header. + create_test_promise( + image_url + + '&mode=cors&url=' + + encodeURIComponent( + remote_image_url + + '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'use-credentials', + NOT_TAINTED), + create_test_promise( + remote_image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + '', + LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond + // with an Access-Control-Allow-Credentials header. + create_test_promise( + remote_image_url + + '&mode=cors&credentials=same-origin&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + '', + TAINTED), // The cross-origin no-cors request is immediately tainted. + // Since this happens before the service worker interception, + // it does not matter what kind of response it returns. + // The result will always be tainted. 
+ create_test_promise( + remote_image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'anonymous', + NOT_TAINTED), + create_test_promise( + remote_image_url + + '&mode=cors&url=' + + encodeURIComponent(remote_image_url + + '&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'use-credentials', + LOAD_ERROR), // We expect LOAD_ERROR since the server doesn't respond + // with an Access-Control-Allow-Credentials header. + create_test_promise( + remote_image_url + + '&mode=cors&url=' + + encodeURIComponent( + remote_image_url + + '&ACACredentials=true&ACAOrigin=' + host_info['HTTPS_ORIGIN']), + 'use-credentials', + NOT_TAINTED) + ]) + .then(function() { + port.postMessage({results: 'finish'}); + }) + .catch(function(e) { + port.postMessage({results: 'failure:' + e}); + }); + }, false); +</script> |
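Review bot: The `catch (e)` in the `img.onload` handler of `create_test_case_promise` resolves `TAINTED` for every exception, so a failure unrelated to the origin-clean check (for example an error thrown by `drawImage` or `getContext`) is reported as a tainted canvas and can satisfy a `TAINTED` expectation for the wrong reason. Reading pixels from a tainted canvas throws a `SecurityError`, so the handler can key on that: `resolve(e.name === 'SecurityError' ? TAINTED : 'UNEXPECTED:' + e);`. Any other exception then fails the comparison in `create_test_promise` and appears in the failure message. A short comment above the `try` block stating that `getImageData` is the origin-clean probe would also help, since its return value is discarded.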