1 files changed, 104 insertions, 0 deletions

diff --git a/dom/base/test/test_bug704320_policyset.html b/dom/base/test/test_bug704320_policyset.html
new file mode 100644
index 000000000..8188a9480
--- /dev/null
+++ b/dom/base/test/test_bug704320_policyset.html
@@ -0,0 +1,104 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+This checks if the right policies are applied from a given string (including whitespace, invalid policy strings, etc).  It doesn't do a complete check for all load types; that's done in another test.
+https://bugzilla.mozilla.org/show_bug.cgi?id=704320
+-->
+
+<head>
+  <meta charset="utf-8">
+  <title>Test policies for Bug 704320</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <script type="application/javascript" src="referrerHelper.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+
+<script type="application/javascript;version=1.7">
+
+SimpleTest.waitForExplicitFinish();
+var advance = function() { tests.next(); };
+
+/**
+ * This is the main test routine -- serialized by use of a generator.
+ * It resets the counter, then performs two tests in sequence using
+ * the same iframe.
+ */
+var tests = (function() {
+  var iframe = document.getElementById("testframe");
+  const sjs = "/tests/dom/base/test/bug704320.sjs?action=generate-policy-test";
+
+
+  // basic calibration check
+  // reset the counter
+  yield resetCounter();
+
+  // load the first test frame
+  // it will call back into this function via postMessage when it finishes loading.
+  // and continue beyond the yield.
+  yield iframe.src = sjs + "&policy=" + escape('default');
+
+  // check the first test (two images, no referrers)
+  yield checkIndividualResults("default", ["full"]);
+
+  // check invalid policy
+  // According to the spec section Determine token's Policy,if there is a policy
+  // token and it is not one of the expected tokens, Empty string should be the
+  // policy used.
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape('invalid-policy');
+  yield checkIndividualResults("invalid", ["full"]);
+
+  // whitespace checks.
+  // according to the spec section 4.1, the content attribute's value
+  // is fed to the token policy algorithm after stripping leading and
+  // trailing whitespace.
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape('default   ');
+  yield checkIndividualResults("trailing whitespace", ["full"]);
+
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape(' origin\f');
+  yield checkIndividualResults("trailing form feed", ["origin"]);
+
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape('\f origin');
+  yield checkIndividualResults("leading form feed", ["origin"]);
+
+  // origin when cross-origin (trimming whitespace)
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape(' origin-when-cross-origin');
+  yield checkIndividualResults("origin-when-cross-origin", ["origin", "full"]);
+
+  // according to the spec section 4.1:
+  // "If the meta element lacks a content attribute, or if that attribute’s
+  //  value is the empty string, then abort these steps."
+  // This means empty or missing content attribute means to ignore the meta
+  // tag and use default policy.
+  // Whitespace here is space, tab, LF, FF and CR.
+  // http://www.w3.org/html/wg/drafts/html/CR/infrastructure.html#space-character
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape(' \t  ');
+  yield checkIndividualResults("basic whitespace only policy", ["full"]);
+
+  // and double-check that no-referrer works.
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape('no-referrer');
+  yield checkIndividualResults("no-referrer", ["none"]);
+
+  // Case insensitive
+  yield resetCounter();
+  yield iframe.src = sjs + "&policy=" + escape('\f OrigIn');
+  yield checkIndividualResults("origin case insensitive", ["origin"]);
+
+  // complete.  Be sure to yield so we don't call this twice.
+  yield SimpleTest.finish();
+})();
+
+</script>
+</head>
+
+<body onload="tests.next();">
+  <iframe id="testframe"></iframe>
+
+</body>
+</html>
+