tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

addInlineTestsWithDOMManipulation.js (1314B)

      1 (function () {
      2  var t_spv = async_test("Test that securitypolicyviolation event is fired");
      3  var test_count = 2;
      4 
      5  window.addEventListener("securitypolicyviolation", t_spv.step_func_done(function(e) {
      6   assert_equals(e.violatedDirective, "script-src-elem");
      7   if (--test_count <= 0) {
      8    t_spv.done();
      9   }
     10  }));
     11 
     12 
     13  var dmTest = async_test("DOM manipulation inline tests");
     14  var attachPoint = document.getElementById('attachHere');
     15  var inlineScript = document.createElement('script');
     16  var scriptText = document.createTextNode('dmTest.step(function() {assert_unreached("Unsafe inline script ran - createTextNode.")});');
     17 
     18  inlineScript.appendChild(scriptText);
     19  attachPoint.appendChild(inlineScript);
     20 
     21  document.getElementById('emptyScript').innerHTML = 'dmTest.step(function() {assert_unreached("Unsafe inline script ran - innerHTML.")});';
     22  document.getElementById('emptyDiv').outerHTML = '<script id=outerHTMLScript>dmTest.step(function() {assert_unreached("Unsafe inline script ran - outerHTML.")});</script>';
     23 
     24  document.write('<script>dmTest.step(function() {assert_unreached("Unsafe inline script ran - document.write")});</script>');
     25  document.writeln('<script>dmTest.step(function() {assert_unreached("Unsafe inline script ran - document.writeln")});</script>');
     26 
     27  dmTest.done();
     28 })();