test_frame_ancestors_ro.html (2277B)
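<!DOCTYPE HTML>
<html>
<head>
  <title>Test for frame-ancestors support in Content-Security-Policy-Report-Only</title>
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<iframe style="width: 100%" id="cspframe"></iframe>
<script type="text/javascript">
/*
 * Loads file_frame_ancestors_ro.html into the iframe above and waits for two
 * independent signals before finishing:
 *   1. the iframe's 'load' event fires, and
 *   2. the chrome script delivers a CSP violation report, which is compared
 *      field by field with the values this page expects.
 *
 * The expected "original-policy" is
 *   frame-ancestors 'none'; report-uri http://mochi.test:8888/foo.sjs
 * NOTE(review): presumably the framed document is served with that policy in a
 * Content-Security-Policy-Report-Only header (the header file is not shown
 * here) -- confirm against the test's support files.
 *
 * Why both signals matter: a report-only policy is a monitoring tool. It is
 * expected to report the frame-ancestors violation without blocking the
 * embedding, so on its own it gives no clickjacking protection.
 */
const docUri = "http://mochi.test:8888/tests/dom/security/test/csp/file_frame_ancestors_ro.html";
const frame = document.getElementById("cspframe");

// Both flags must be true before the test is allowed to finish.
const testResults = {
  reportHandled: false, // the report message was received and checked (pass or fail)
  frameLoaded: false,   // the iframe fired its 'load' event
};

/**
 * Finishes the test once the report has been handled and the frame has loaded.
 * Called from both event paths because their relative order is not fixed.
 */
function checkTestResults() {
  if (testResults.reportHandled && testResults.frameLoaded) {
    SimpleTest.finish();
  }
}

/**
 * Compares the fields of a parsed CSP violation report with the expected values.
 *
 * @param {Object} reportObj - parsed report; must carry a "csp-report" member.
 *   If that member is missing, the first property access throws and the
 *   caller's try/catch records the failure.
 */
function checkResults(reportObj) {
  const cspReport = reportObj["csp-report"];
  is(cspReport["document-uri"], docUri, "Incorrect document-uri");

  // NOTE(review): the comment that used to sit here said the whole referrer
  // cannot be compared because it contains platform specific information, yet
  // the check below is an exact match against this page's URL. Confirm that
  // the exact match is what is intended.
  is(cspReport.referrer, document.location.toString(), "Incorrect referrer");
  // For frame-ancestors the blocked URI is expected to be the embedding page.
  is(cspReport["blocked-uri"], document.location.toString(), "Incorrect blocked-uri");
  is(cspReport["violated-directive"], "frame-ancestors", "Incorrect violated-directive");
  is(cspReport["original-policy"], "frame-ancestors 'none'; report-uri http://mochi.test:8888/foo.sjs", "Incorrect original-policy");
}

// The chrome-privileged helper posts 'opening-request-completed' carrying
// either msg.error or msg.report (a JSON string). How it captures the report
// request is defined in file_report_chromescript.js, which is not shown here.
const chromeScriptUrl = SimpleTest.getTestFileURL("file_report_chromescript.js");
const script = SpecialPowers.loadChromeScript(chromeScriptUrl);

script.addMessageListener('opening-request-completed', function ml(msg) {
  if (msg.error) {
    ok(false, `Could not query report (exception: ${msg.error})`);
  } else {
    try {
      // test for the proper values in the report object
      checkResults(JSON.parse(msg.report));
    } catch (e) {
      ok(false, `Error verifying report object (exception: ${e})`);
    }
  }

  // Mark the report step as handled on every path. Any failure is already
  // recorded through ok(false); previously the flag was set only after a
  // successful check, so an error here left the test waiting for the harness
  // timeout instead of finishing with the recorded failure.
  testResults.reportHandled = true;

  script.removeMessageListener('opening-request-completed', ml);
  script.sendAsyncMessage("finish");
  checkTestResults();
});

frame.addEventListener('load', () => {
  // Make sure the frame is still loaded
  testResults.frameLoaded = true;
  checkTestResults();
});

// Register the explicit finish before starting the navigation that triggers
// both signals.
SimpleTest.waitForExplicitFinish();
frame.src = docUri;

</script>
</body>
</html>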