
test_csp_upgrade-insecure_intercept.html (2019B)


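      <!--
        Any copyright is dedicated to the Public Domain.
        http://creativecommons.org/publicdomain/zero/1.0/
      -->
      <!doctype html>
      <html lang="en">
      <head>
        <meta charset="utf-8">
        <title>Test that a CSP upgraded request can be intercepted by a service worker</title>
        <script src="/tests/SimpleTest/SimpleTest.js"></script>
        <link rel="stylesheet" href="/tests/SimpleTest/test.css">
      </head>
      <body>
      <p id="display"></p>
      <div id="content">
        <!-- Frame that the script below points at the register, embedder and unregister pages in turn. -->
        <iframe title="Service worker test frame"></iframe>
      </div>
      <pre id="test"></pre>
      <script class="testbody">

        // The single iframe on the page; runTest() assigns it and re-targets it per step.
        var iframe;

        /**
         * Drives the test through messages posted back to this window.
         *
         * Sequence, as keyed on the `status` field of each message:
         *   1. load register.html
         *   2. "registrationdone"   : load embedder.html
         *   3. "protocol"           : the reported protocol must be "https:"
         *   4. "image"              : the reported value must be 40, then load unregister.html
         *   5. "unregistrationdone" : detach the handler and finish
         * A message with status "ok" carries a ready-made assertion
         * (`result`, `message`) and may arrive at any point.
         */
        function runTest() {
          // Every page this test loads sits under the same https origin and directory.
          var base = "https://example.com/tests/dom/serviceworkers/test/fetch/upgrade-insecure/";

          iframe = document.querySelector("iframe");
          iframe.src = base + "register.html";

          // NOTE(review): the handler acts on any message delivered to this window and
          // does not look at e.origin or e.source. Whether a sender check can be added
          // depends on which frame posts each status, and that is not visible in this
          // file. Confirm against embedder.html before tightening.
          window.onmessage = function(e) {
            switch (e.data.status) {
              case "ok":
                ok(e.data.result, e.data.message);
                break;
              case "registrationdone":
                iframe.src = base + "embedder.html";
                break;
              case "protocol":
                is(e.data.data, "https:", "Correct protocol expected");
                break;
              case "image":
                // 40 is the value expected from the embedder for the image; presumably a
                // dimension of the image the service worker responds with. TODO confirm.
                is(e.data.data, 40, "The image request was upgraded before interception");
                iframe.src = base + "unregister.html";
                break;
              case "unregistrationdone":
                // Drop the handler first so a late message cannot assert after finish().
                window.onmessage = null;
                SimpleTest.finish();
                break;
            }
          };
        }

        // The test ends only when the "unregistrationdone" branch calls SimpleTest.finish().
        SimpleTest.waitForExplicitFinish();
        onload = function() {
          SpecialPowers.pushPrefEnv({"set": [
            // Service worker prefs this test relies on.
            ["dom.serviceWorkers.exemptFromPerDomainMax", true],
            ["dom.serviceWorkers.enabled", true],
            ["dom.serviceWorkers.testing.enabled", true],
            // This is needed so that we can test upgrading a non-secure load inside an https iframe.
            // Test-only: both prefs weaken mixed-content protection. They are set through
            // pushPrefEnv for this test rather than written to a profile.
            ["security.mixed_content.block_active_content", false],
            ["security.mixed_content.block_display_content", false],
          ]}, runTest);
        };
      </script>
      </body>
      </html>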