1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
<!DOCTYPE HTML>
<html>
<head>
<title>Bug 1045891</title>
</head>
<body>
<iframe id="testframe"> </iframe>
<script type="text/javascript">
page_id = window.location.hash.substring(1);
function executeTest(ev) {
testframe = document.getElementById('testframe');
testframe.contentWindow.postMessage({id:page_id, message:"execute"}, 'http://mochi.test:8888');
}
function reportError(ev) {
window.parent.postMessage({id:page_id, message:"blocked"}, 'http://mochi.test:8888');
cleanup();
}
function recvMessage(ev) {
if (ev.data.id == page_id) {
window.parent.postMessage({id:ev.data.id, message:ev.data.message}, 'http://mochi.test:8888');
cleanup();
}
}
function cleanup() {
testframe = document.getElementById('testframe');
window.removeEventListener('message', recvMessage);
testframe.removeEventListener('load', executeTest);
testframe.removeEventListener('error', reportError);
}
window.addEventListener('message', recvMessage, false);
try {
// Please note that file_testserver.sjs?foo does not return a response.
// For testing purposes this is not necessary because we only want to check
// whether CSP allows or blocks the load.
src = "file_testserver.sjs";
src += "?file=" + escape("tests/dom/security/test/csp/file_child-src_inner_frame.html");
src += "#" + escape(page_id);
testframe = document.getElementById('testframe');
testframe.addEventListener('load', executeTest, false);
testframe.addEventListener('error', reportError, false);
testframe.src = src;
}
catch (e) {
if (e.message.match(/Failed to load script/)) {
window.parent.postMessage({id:page_id, message:"blocked"}, 'http://mochi.test:8888');
} else {
window.parent.postMessage({id:page_id, message:"exception"}, 'http://mochi.test:8888');
}
}
</script>
</body>
</html>
|