tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

stylehash-basic-blocked.sub.html (2641B)

      1 <!DOCTYPE html>
      2 <html>
      3 
      4 <head>
      5    <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
      6    <meta http-equiv="Content-Security-Policy" content="style-src 'self' 'sha256-FSRZotz4y83Ib8ZaoVj9eXKaeWXVUawM8zAPfYeYySs='; script-src 'self' 'unsafe-inline'; connect-src 'self';">
      7    <title>stylehash-basic-blocked</title>
      8    <script src="/resources/testharness.js"></script>
      9    <script src="/resources/testharnessreport.js"></script>
     10    <script src="../support/logTest.sub.js?logs=[]"></script>
     11    <script>
     12        window.addEventListener('securitypolicyviolation', function(e) {
     13            alert_assert("violated-directive=" + e.violatedDirective);
     14        });
     15 
     16        var t_alert = async_test('Expecting alerts: ["PASS: The \'p\' element\'s text is green, which means the style was correctly applied.", "violated-directive=style-src-elem"]');
     17        var expected_alerts = ["PASS: The 'p' element's text is green, which means the style was correctly applied.", "violated-directive=style-src-elem"];
     18 
     19        function alert_assert(msg) {
     20            t_alert.step(function() {
     21                if (msg.match(/^FAIL/i)) {
     22                    assert_unreached(msg);
     23                    t_alert.done();
     24                }
     25                for (var i = 0; i < expected_alerts.length; i++) {
     26                    if (expected_alerts[i] == msg) {
     27                        assert_equals(expected_alerts[i], msg);
     28                        expected_alerts.splice(i, 1);
     29                        if (expected_alerts.length == 0) {
     30                            t_alert.done();
     31                        }
     32                        return;
     33                    }
     34                }
     35                assert_unreached('unexpected alert: ' + msg);
     36                t_log.done();
     37            });
     38        }
     39 
     40    </script>
     41    <style>p { color: green; }</style>
     42    <style>p { color: red; }</style>
     43    <style>p { color: purple; }</style>
     44    <style>p { color: blue; }</style>
     45 </head>
     46 
     47 <body>
     48    <p>
     49        This tests the effect of a valid style-hash value, with one valid style and several invalid ones. It passes if the valid style is applied and a CSP violation is generated.
     50    </p>
     51    <script>
     52        var color = window.getComputedStyle(document.querySelector('p')).color;
     53        if (color === "rgb(0, 128, 0)")
     54            alert_assert("PASS: The 'p' element's text is green, which means the style was correctly applied.");
     55        else
     56            alert_assert("FAIL: The 'p' element's text is " + color + ", which means the style was incorrectly applied.");
     57 
     58    </script>
     59    <div id="log"></div>
     60 </body>
     61 
     62 </html>