Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code
Issues
All Issues

Side by Side Diff: chrome/content/tests/policy.js

Issue 29333104: Issue 3459 - Added content policy tests for <img srcset> and fetch() (Closed)
Patch Set: Created Dec. 29, 2015, 3:38 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 (function() 1 (function()
2 { 2 {
3 let server = null; 3 let server = null;
4 let frame = null; 4 let frame = null;
5 let requestNotifier = null; 5 let requestNotifier = null;
6 let httpProtocol = null; 6 let httpProtocol = null;
7 7
8 module("Content policy", { 8 module("Content policy", {
9 setup: function() 9 setup: function()
10 { 10 {
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after
88 "HTML image button inside a frame", 88 "HTML image button inside a frame",
89 '<iframe src="data:text/html,%3Cinput%20type%3D%22image%22%20src%3D%22http %3A%2F%2F127.0.0.1:1234%2Ftest.gif%22%3E"></iframe>', 89 '<iframe src="data:text/html,%3Cinput%20type%3D%22image%22%20src%3D%22http %3A%2F%2F127.0.0.1:1234%2Ftest.gif%22%3E"></iframe>',
90 "http://127.0.0.1:1234/test.gif", "image", false, false 90 "http://127.0.0.1:1234/test.gif", "image", false, false
91 ], 91 ],
92 [ 92 [
93 "HTML image button inside a nested frame", 93 "HTML image button inside a nested frame",
94 '<iframe src="data:text/html,%3Ciframe%20src%3D%22data%3Atext%2Fhtml%2C%25 3Cinput%2520type%253D%2522image%2522%2520src%253D%2522http%253A%252F%252F127.0.0 .1%3A1234%252Ftest.gif%2522%253E%22%3E%3C%2Fiframe%3E"></iframe>', 94 '<iframe src="data:text/html,%3Ciframe%20src%3D%22data%3Atext%2Fhtml%2C%25 3Cinput%2520type%253D%2522image%2522%2520src%253D%2522http%253A%252F%252F127.0.0 .1%3A1234%252Ftest.gif%2522%253E%22%3E%3C%2Fiframe%3E"></iframe>',
95 "http://127.0.0.1:1234/test.gif", "image", false, false 95 "http://127.0.0.1:1234/test.gif", "image", false, false
96 ], 96 ],
97 [ 97 [
98 "HTML image with srcset",
99 '<img srcset="test.gif">',
100 "http://127.0.0.1:1234/test.gif", "image", false, false
101 ],
102 [
98 "Dynamically inserted image button", 103 "Dynamically inserted image button",
99 '<div id="insert"></div>' + 104 '<div id="insert"></div>' +
100 '<script>' + 105 '<script>' +
101 'window.addEventListener("DOMContentLoaded", function()' + 106 'window.addEventListener("DOMContentLoaded", function()' +
102 '{' + 107 '{' +
103 'var div = document.getElementById("insert");' + 108 'var div = document.getElementById("insert");' +
104 'div.innerHTML = \'<input type="image" id="image" src="test.gif">\';' + 109 'div.innerHTML = \'<input type="image" id="image" src="test.gif">\';' +
105 'var image = document.getElementById("image");' + 110 'var image = document.getElementById("image");' +
106 'image.onload = image.onerror = function ()' + 111 'image.onload = image.onerror = function ()' +
107 '{' + 112 '{' +
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
278 '<embed type="application/x-java-applet" code="test.class" src="test.class "></embed>', 283 '<embed type="application/x-java-applet" code="test.class" src="test.class "></embed>',
279 "http://127.0.0.1:1234/test.class", "object", false, false 284 "http://127.0.0.1:1234/test.class", "object", false, false
280 ], 285 ],
281 [ 286 [
282 "HTML object (Java)", 287 "HTML object (Java)",
283 '<object type="application/x-java-applet" data="test.class"></object>', 288 '<object type="application/x-java-applet" data="test.class"></object>',
284 "http://127.0.0.1:1234/test.class", "object", false, false 289 "http://127.0.0.1:1234/test.class", "object", false, false
285 ]); 290 ]);
286 } 291 }
287 292
293 if ("fetch" in window)
294 {
295 tests.push([
296 "fetch() API",
297 '<script>fetch("test.xml").catch(function() {});</script>',
Wladimir Palant 2015/12/29 23:25:40 That's an async call, I don't think it is guarante
Sebastian Noack 2015/12/30 15:46:20 Acknowledged. There you go: https://codereview.adb
298 "http://127.0.0.1:1234/test.xml", "xmlhttprequest", false, false
299 ]);
300 }
301
288 let policyHits = []; 302 let policyHits = [];
289 function onPolicyHit(item, scanComplete) 303 function onPolicyHit(item, scanComplete)
290 { 304 {
291 if (!item) 305 if (!item)
292 return; 306 return;
293 if (item.location == "http://127.0.0.1:1234/test" || 307 if (item.location == "http://127.0.0.1:1234/test" ||
294 item.location == "http://127.0.0.1:1234/redirect.gif" || 308 item.location == "http://127.0.0.1:1234/redirect.gif" ||
295 item.location == "http://127.0.0.1:1234/redirect2.gif") 309 item.location == "http://127.0.0.1:1234/redirect2.gif")
296 { 310 {
297 return; 311 return;
(...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after
444 for (let stage = 1; stage in stageDescriptions; stage++) 458 for (let stage = 1; stage in stageDescriptions; stage++)
445 { 459 {
446 let stageDescription = stageDescriptions[stage]; 460 let stageDescription = stageDescriptions[stage];
447 if (stageDescription.indexOf("%S") >= 0) 461 if (stageDescription.indexOf("%S") >= 0)
448 stageDescription = stageDescription.replace("%S", expectedURL); 462 stageDescription = stageDescription.replace("%S", expectedURL);
449 463
450 asyncTest(name + " (" + stageDescription + ")", runTest.bind(null, tests[t est], stage)); 464 asyncTest(name + " (" + stageDescription + ")", runTest.bind(null, tests[t est], stage));
451 } 465 }
452 } 466 }
453 })(); 467 })();
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld