tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_fontloader.html (3157B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4  <meta charset="utf-8">
      5  <title>Bug 1122236 - CSP: Implement block-all-mixed-content</title>
      6  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
      7  <script src="/tests/SimpleTest/SimpleTest.js"></script>
      8  <!-- Including WindowSnapshot.js so we can take screenshots of containers !-->
      9  <script src="/tests/SimpleTest/WindowSnapshot.js"></script>
     10  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
     11 </head>
     12 <body onload="setupTests()">
     13 <iframe style="width:100%;" id="baselineframe"></iframe>
     14 <iframe style="width:100%;" id="testframe"></iframe>
     15 
     16 <script class="testbody" type="text/javascript">
     17 
     18 /* Description of the tests:
     19 * We load a baselineFrame and compare the testFrame using
     20 * compareSnapshots whether the font got loaded or blocked.
     21 * Test 1: Use font-src 'none' so font gets blocked
     22 * Test 2: Use font-src * so font gets loaded
     23 * Test 3: Use no csp so font gets loaded
     24 * Test 4: Use font-src 'none' so font gets blocked
     25 *         Makes sure the cache gets invalidated.
     26 */
     27 
     28 SimpleTest.waitForExplicitFinish();
     29 
     30 const BASE_URI = "https://example.com/tests/dom/security/test/csp/";
     31 
     32 const tests = [
     33  { // test 1
     34    query: "csp-block",
     35    expected: true, // frames should be equal since font is *not* allowed to load
     36    description: "font should be blocked by csp (csp-block)"
     37  },
     38  { // test 2
     39    query: "csp-allow",
     40    expected: false, // frames should *not* be equal since font is loaded
     41    description: "font should load and apply (csp-allow)"
     42  },
     43  { // test 3
     44    query: "no-csp",
     45    expected: false, // frames should *not* be equals since font is loaded
     46    description: "font should load and apply (no-csp)"
     47  },
     48  { // test 4
     49    query: "csp-block",
     50    expected: true, // frames should be equal since font is *not* allowed to load
     51    description: "font should be blocked by csp (csp-block) [apply csp to cache]"
     52  }
     53 ];
     54 
     55 var curTest;
     56 var counter = -1;
     57 var baselineframe = document.getElementById("baselineframe");
     58 var testframe = document.getElementById("testframe");
     59 
     60 async function checkResult() {
     61  testframe.removeEventListener('load', checkResult);
     62  try {
     63    ok(compareSnapshots(await snapshotWindow(baselineframe.contentWindow),
     64                        await snapshotWindow(testframe.contentWindow),
     65                        curTest.expected)[0],
     66                        curTest.description);
     67  } catch(err) {
     68    ok(false, "error: " + err.message);
     69  }
     70  loadNextTest();
     71 }
     72 
     73 function loadNextTest() {
     74  counter++;
     75  if (counter == tests.length) {
     76    SimpleTest.finish();
     77    return;
     78  }
     79  curTest = tests[counter];
     80  testframe.addEventListener("load", checkResult);
     81  testframe.src = BASE_URI + "file_fontloader.sjs?" + curTest.query;
     82 }
     83 
     84 // once the baselineframe is loaded we can start running tests
     85 function startTests() {
     86  baselineframe.removeEventListener('load', startTests);
     87  loadNextTest();
     88 }
     89 
     90 // make sure the main page is loaded before we start the test
     91 function setupTests() {
     92  baselineframe.addEventListener("load", startTests);
     93  baselineframe.src = BASE_URI + "file_fontloader.sjs?baseline";
     94 }
     95 
     96 </script>
     97 </body>
     98 </html>