test_evalscript.html (1822B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <title>Test for Content Security Policy "no eval" base restriction</title> 5 <script src="/tests/SimpleTest/SimpleTest.js"></script> 6 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> 7 </head> 8 <body> 9 <p id="display"></p> 10 <div id="content" style="display: none"> 11 </div> 12 <iframe style="width:100%;height:300px;" id='cspframe'></iframe> 13 <iframe style="width:100%;height:300px;" id='cspframe2'></iframe> 14 <script class="testbody" type="text/javascript"> 15 16 var evalScriptsThatRan = 0; 17 var evalScriptsBlocked = 0; 18 var evalScriptsTotal = 19; 19 20 // called by scripts that run 21 var scriptRan = function(shouldrun, testname, data) { 22 evalScriptsThatRan++; 23 ok(shouldrun, 'EVAL SCRIPT RAN: ' + testname + '(' + data + ')'); 24 checkTestResults(); 25 } 26 27 // called when a script is blocked 28 var scriptBlocked = function(shouldrun, testname, data) { 29 evalScriptsBlocked++; 30 ok(!shouldrun, 'EVAL SCRIPT BLOCKED: ' + testname + '(' + data + ')'); 31 checkTestResults(); 32 } 33 34 var verifyZeroRetVal = function(val, testname) { 35 ok(val === 0, 'RETURN VALUE SHOULD BE ZERO, was ' + val + ': ' + testname); 36 } 37 38 // Check to see if all the tests have run 39 var checkTestResults = function() { 40 // if any test is incomplete, keep waiting 41 if (evalScriptsTotal - evalScriptsBlocked - evalScriptsThatRan > 0) 42 return; 43 44 // ... otherwise, finish 45 SimpleTest.finish(); 46 } 47 48 ////////////////////////////////////////////////////////////////////// 49 // set up and go 50 SimpleTest.waitForExplicitFinish(); 51 52 // save this for last so that our listeners are registered. 53 // ... this loads the testbed of good and bad requests. 54 document.getElementById('cspframe').src = 'file_evalscript_main.html'; 55 document.getElementById('cspframe2').src = 'file_evalscript_main_allowed.html'; 56 </script> 57 </pre> 58 </body> 59 </html>