browser_jsonview_csp_json.js (1231B)
1 /* Any copyright is dedicated to the Public Domain. 2 * http://creativecommons.org/publicdomain/zero/1.0/ */ 3 4 "use strict"; 5 6 const TEST_JSON_URL = URL_ROOT + "csp_json.json"; 7 8 add_task(async function () { 9 info("Test CSP JSON started"); 10 11 const tab = await addJsonViewTab(TEST_JSON_URL); 12 13 const count = await getElementCount(".jsonPanelBox .treeTable .treeRow"); 14 is(count, 1, "There must be one row"); 15 16 // The JSON Viewer alters the CSP, but the displayed header should be the original one 17 await selectJsonViewContentTab("headers"); 18 await SpecialPowers.spawn(tab.linkedBrowser, [], async function () { 19 const responseHeaders = content.document.querySelector(".netHeadersGroup"); 20 const names = responseHeaders.querySelectorAll(".netInfoParamName"); 21 let found = false; 22 for (const name of names) { 23 if (name.textContent.toLowerCase() == "content-security-policy") { 24 ok(!found, "The CSP header only appears once"); 25 found = true; 26 const value = name.nextElementSibling.textContent; 27 const expected = "default-src 'none'; base-uri 'none';"; 28 is(value, expected, "The CSP value has not been altered"); 29 } 30 } 31 ok(found, "The CSP header is present"); 32 }); 33 });