Bug 988616 - Remove refs to "spec compliant" from split CSP tests r=sstamm r=ckerschb

This commit is contained in:
Garrett Robinson 2014-06-09 14:26:12 -07:00
parent 457187dd2d
commit 19a353d7b7
11 changed files with 116 additions and 173 deletions

View File

@ -10,34 +10,34 @@
<!-- These iframes will get populated by the attached javascript. -->
<tt> aa_allow: /* innermost frame allows a */</tt><br/>
<iframe id='aa_allow_spec_compliant'></iframe><br/>
<iframe id='aa_allow'></iframe><br/>
<tt> aa_block: /* innermost frame denies a */</tt><br/>
<iframe id='aa_block_spec_compliant'></iframe><br/>
<iframe id='aa_block'></iframe><br/>
<tt> ab_allow: /* innermost frame allows a */</tt><br/>
<iframe id='ab_allow_spec_compliant'></iframe><br/>
<iframe id='ab_allow'></iframe><br/>
<tt> ab_block: /* innermost frame denies a */</tt><br/>
<iframe id='ab_block_spec_compliant'></iframe><br/>
<iframe id='ab_block'></iframe><br/>
<tt> aba_allow: /* innermost frame allows b,a */</tt><br/>
<iframe id='aba_allow_spec_compliant'></iframe><br/>
<iframe id='aba_allow'></iframe><br/>
<tt> aba_block: /* innermost frame denies b */</tt><br/>
<iframe id='aba_block_spec_compliant'></iframe><br/>
<iframe id='aba_block'></iframe><br/>
<tt> aba2_block: /* innermost frame denies a */</tt><br/>
<iframe id='aba2_block_spec_compliant'></iframe><br/>
<iframe id='aba2_block'></iframe><br/>
<tt> abb_allow: /* innermost frame allows b,a */</tt><br/>
<iframe id='abb_allow_spec_compliant'></iframe><br/>
<iframe id='abb_allow'></iframe><br/>
<tt> abb_block: /* innermost frame denies b */</tt><br/>
<iframe id='abb_block_spec_compliant'></iframe><br/>
<iframe id='abb_block'></iframe><br/>
<tt> abb2_block: /* innermost frame denies a */</tt><br/>
<iframe id='abb2_block_spec_compliant'></iframe><br/>
<iframe id='abb2_block'></iframe><br/>
</body>

View File

@ -14,50 +14,50 @@ function setupFrames() {
var innerframeuri = null;
var elt = null;
elt = $('aa_allow_spec_compliant');
elt.src = base.a + "?testid=aa_allow_spec_compliant&internalframe=aa_a&csp=" +
elt = $('aa_allow');
elt.src = base.a + "?testid=aa_allow&internalframe=aa_a&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
elt = $('aa_block_spec_compliant');
elt.src = base.a + "?testid=aa_block_spec_compliant&internalframe=aa_b&csp=" +
elt = $('aa_block');
elt.src = base.a + "?testid=aa_block&internalframe=aa_b&csp=" +
escape("default-src 'none'; frame-ancestors 'none'; script-src 'self'");
elt = $('ab_allow_spec_compliant');
elt.src = base.b + "?testid=ab_allow_spec_compliant&internalframe=ab_a&csp=" +
elt = $('ab_allow');
elt.src = base.b + "?testid=ab_allow&internalframe=ab_a&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
elt = $('ab_block_spec_compliant');
elt.src = base.b + "?testid=ab_block_spec_compliant&internalframe=ab_b&csp=" +
elt = $('ab_block');
elt.src = base.b + "?testid=ab_block&internalframe=ab_b&csp=" +
escape("default-src 'none'; frame-ancestors 'none'; script-src 'self'");
/* .... two-level framing */
elt = $('aba_allow_spec_compliant');
innerframeuri = base.a + "?testid=aba_allow_spec_compliant&double=1&internalframe=aba_a&csp=" +
elt = $('aba_allow');
innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba_a&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + " " + host.b + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
elt = $('aba_block_spec_compliant');
innerframeuri = base.a + "?testid=aba_allow_spec_compliant&double=1&internalframe=aba_b&csp=" +
elt = $('aba_block');
innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba_b&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
elt = $('aba2_block_spec_compliant');
innerframeuri = base.a + "?testid=aba_allow_spec_compliant&double=1&internalframe=aba2_b&csp=" +
elt = $('aba2_block');
innerframeuri = base.a + "?testid=aba_allow&double=1&internalframe=aba2_b&csp=" +
escape("default-src 'none'; frame-ancestors " + host.b + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
elt = $('abb_allow_spec_compliant');
innerframeuri = base.b + "?testid=abb_allow_spec_compliant&double=1&internalframe=abb_a&csp=" +
elt = $('abb_allow');
innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb_a&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + " " + host.b + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
elt = $('abb_block_spec_compliant');
innerframeuri = base.b + "?testid=abb_allow_spec_compliant&double=1&internalframe=abb_b&csp=" +
elt = $('abb_block');
innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb_b&csp=" +
escape("default-src 'none'; frame-ancestors " + host.a + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
elt = $('abb2_block_spec_compliant');
innerframeuri = base.b + "?testid=abb_allow_spec_compliant&double=1&internalframe=abb2_b&csp=" +
elt = $('abb2_block');
innerframeuri = base.b + "?testid=abb_allow&double=1&internalframe=abb2_b&csp=" +
escape("default-src 'none'; frame-ancestors " + host.b + "; script-src 'self'");
elt.src = base.b + "?externalframe=" + escape('<iframe src="' + innerframeuri + '"></iframe>');
}

View File

@ -1,20 +1,20 @@
<html>
<head>
<link rel='stylesheet' type='text/css'
href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_spec_compliant_bad&type=text/css' />
href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_bad&type=text/css' />
<link rel='stylesheet' type='text/css'
href='file_CSP.sjs?testid=style_spec_compliant_good&type=text/css' />
href='file_CSP.sjs?testid=style_good&type=text/css' />
<style>
/* CSS font embedding tests */
@font-face {
font-family: "arbitrary_good";
src: url('file_CSP.sjs?testid=font_spec_compliant_good&type=application/octet-stream');
src: url('file_CSP.sjs?testid=font_good&type=application/octet-stream');
}
@font-face {
font-family: "arbitrary_bad";
src: url('http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=font_spec_compliant_bad&type=application/octet-stream');
src: url('http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=font_bad&type=application/octet-stream');
}
.div_arbitrary_good { font-family: "arbitrary_good"; }
@ -23,24 +23,24 @@
</head>
<body>
<!-- these should be stopped by CSP. :) -->
<img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_spec_compliant_bad&type=img/png"> </img>
<audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_spec_compliant_bad&type=audio/vorbis"></audio>
<script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_spec_compliant_bad&type=text/javascript'></script>
<iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_spec_compliant_bad&content=FAIL'></iframe>
<img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_bad&type=img/png"> </img>
<audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_bad&type=audio/vorbis"></audio>
<script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_bad&type=text/javascript'></script>
<iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_bad&content=FAIL'></iframe>
<object width="10" height="10">
<param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash">
<embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash"></embed>
<param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash">
<embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash"></embed>
</object>
<!-- these should load ok. :) -->
<img src="file_CSP.sjs?testid=img_spec_compliant_good&type=img/png" />
<audio src="file_CSP.sjs?testid=media_spec_compliant_good&type=audio/vorbis"></audio>
<script src='file_CSP.sjs?testid=script_spec_compliant_good&type=text/javascript'></script>
<iframe src='file_CSP.sjs?testid=frame_spec_compliant_good&content=PASS'></iframe>
<img src="file_CSP.sjs?testid=img_good&type=img/png" />
<audio src="file_CSP.sjs?testid=media_good&type=audio/vorbis"></audio>
<script src='file_CSP.sjs?testid=script_good&type=text/javascript'></script>
<iframe src='file_CSP.sjs?testid=frame_good&content=PASS'></iframe>
<object width="10" height="10">
<param name="movie" value="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash">
<embed src="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash"></embed>
<param name="movie" value="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash">
<embed src="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash"></embed>
</object>
<!-- XHR tests... they're taken care of in this script,

View File

@ -3,14 +3,14 @@
try {
var xhr_good = new XMLHttpRequest();
var xhr_good_uri ="http://mochi.test:8888/tests/content/base/test/csp/file_CSP.sjs?testid=xhr_spec_compliant_good";
var xhr_good_uri ="http://mochi.test:8888/tests/content/base/test/csp/file_CSP.sjs?testid=xhr_good";
xhr_good.open("GET", xhr_good_uri, true);
xhr_good.send(null);
} catch(e) {}
try {
var xhr_bad = new XMLHttpRequest();
var xhr_bad_uri ="http://example.com/tests/content/base/test/csp/file_CSP.sjs?testid=xhr_spec_compliant_bad";
var xhr_bad_uri ="http://example.com/tests/content/base/test/csp/file_CSP.sjs?testid=xhr_bad";
xhr_bad.open("GET", xhr_bad_uri, true);
xhr_bad.send(null);
} catch(e) {}

View File

@ -11,15 +11,15 @@ var thisSite = "http://mochi.test:8888";
var otherSite = "http://example.com";
var page = "/tests/content/base/test/csp/file_csp_redirects_page.sjs";
var tests = { "font-src-spec-compliant": thisSite+page+"?testid=font-src-spec-compliant&csp=1&spec=1",
"frame-src-spec-compliant": thisSite+page+"?testid=frame-src-spec-compliant&csp=1&spec=1",
"img-src-spec-compliant": thisSite+page+"?testid=img-src-spec-compliant&csp=1&spec=1",
"media-src-spec-compliant": thisSite+page+"?testid=media-src-spec-compliant&csp=1&spec=1",
"object-src-spec-compliant": thisSite+page+"?testid=object-src-spec-compliant&csp=1&spec=1",
"script-src-spec-compliant": thisSite+page+"?testid=script-src-spec-compliant&csp=1&spec=1",
"style-src-spec-compliant": thisSite+page+"?testid=style-src-spec-compliant&csp=1&spec=1",
"worker-spec-compliant": thisSite+page+"?testid=worker-spec-compliant&csp=1&spec=1",
"xhr-src-spec-compliant": thisSite+page+"?testid=xhr-src-spec-compliant&csp=1&spec=1",
var tests = { "font-src": thisSite+page+"?testid=font-src&csp=1&spec=1",
"frame-src": thisSite+page+"?testid=frame-src&csp=1&spec=1",
"img-src": thisSite+page+"?testid=img-src&csp=1&spec=1",
"media-src": thisSite+page+"?testid=media-src&csp=1&spec=1",
"object-src": thisSite+page+"?testid=object-src&csp=1&spec=1",
"script-src": thisSite+page+"?testid=script-src&csp=1&spec=1",
"style-src": thisSite+page+"?testid=style-src&csp=1&spec=1",
"worker": thisSite+page+"?testid=worker&csp=1&spec=1",
"xhr-src": thisSite+page+"?testid=xhr-src&csp=1&spec=1",
};
var container = document.getElementById("container");

View File

@ -33,101 +33,51 @@ function handleRequest(request, response)
return;
}
if (query["testid"] == "font-src-spec-compliant") {
var resp = '<style type="text/css"> @font-face { font-family:' +
'"Redirecting Font Spec Compliant"; src: url("' + resource +
'?res=font-spec-compliant&redir=other&id=font-src-redir-spec-compliant")} #test{font-family:' +
'"Redirecting Font Spec Compliant"}</style></head><body>' +
'<div id="test">test</div></body>';
response.write(resp);
return;
}
// iframe that redirects to another site
if (query["testid"] == "frame-src") {
response.write('<iframe src="'+resource+'?res=iframe&redir=other&id=frame-src-redir"></iframe>');
return;
}
if (query["testid"] == "frame-src-spec-compliant") {
response.write('<iframe src="'+resource+'?res=iframe&redir=other&id=frame-src-redir-spec-compliant"></iframe>');
return;
}
// image that redirects to another site
if (query["testid"] == "img-src") {
response.write('<img src="'+resource+'?res=image&redir=other&id=img-src-redir" />');
return;
}
if (query["testid"] == "img-src-spec-compliant") {
response.write('<img src="'+resource+'?res=image&redir=other&id=img-src-redir-spec-compliant" />');
return;
}
// video content that redirects to another site
if (query["testid"] == "media-src") {
response.write('<video src="'+resource+'?res=media&redir=other&id=media-src-redir"></video>');
return;
}
if (query["testid"] == "media-src-spec-compliant") {
response.write('<video src="'+resource+'?res=media&redir=other&id=media-src-redir-spec-compliant"></video>');
return;
}
// object content that redirects to another site
if (query["testid"] == "object-src") {
response.write('<object type="text/html" data="'+resource+'?res=object&redir=other&id=object-src-redir"></object>');
return;
}
if (query["testid"] == "object-src-spec-compliant") {
response.write('<object type="text/html" data="'+resource+'?res=object&redir=other&id=object-src-redir-spec-compliant"></object>');
return;
}
// external script that redirects to another site
if (query["testid"] == "script-src") {
response.write('<script src="'+resource+'?res=script&redir=other&id=script-src-redir"></script>');
return;
}
if (query["testid"] == "script-src-spec-compliant") {
response.write('<script src="'+resource+'?res=script&redir=other&id=script-src-redir-spec-compliant"></script>');
return;
}
// external stylesheet that redirects to another site
if (query["testid"] == "style-src") {
response.write('<link rel="stylesheet" type="text/css" href="'+resource+'?res=style&redir=other&id=style-src-redir"></script>');
return;
}
if (query["testid"] == "style-src-spec-compliant") {
response.write('<link rel="stylesheet" type="text/css" href="'+resource+'?res=style&redir=other&id=style-src-redir-spec-compliant"></script>');
return;
}
// worker script resource that redirects to another site
if (query["testid"] == "worker") {
response.write('<script src="'+resource+'?res=worker&redir=other&id=worker-redir"></script>');
return;
}
if (query["testid"] == "worker-spec-compliant") {
response.write('<script src="'+resource+'?res=worker&redir=other&id=worker-redir-spec-compliant"></script>');
return;
}
// script that XHR's to a resource that redirects to another site
if (query["testid"] == "xhr-src") {
response.write('<script src="'+resource+'?res=xhr"></script>');
return;
}
if (query["testid"] == "xhr-src-spec-compliant") {
response.write('<script src="'+resource+'?res=xhr-spec-compliant"></script>');
return;
}
}

View File

@ -43,13 +43,6 @@ function handleRequest(request, response)
return;
}
if (query["res"] == "font-spec-compliant") {
response.setHeader("Access-Control-Allow-Origin", "*", false);
response.setHeader("Content-Type", "text/plain", false);
response.write("font data...");
return;
}
// iframe with arbitrary content
if (query["res"] == "iframe") {
response.setHeader("Content-Type", "text/html", false);
@ -109,17 +102,17 @@ function handleRequest(request, response)
return;
}
if (query["res"] == "xhr-spec-compliant") {
if (query["res"] == "xhr") {
response.setHeader("Content-Type", "text/html", false);
var resp = 'var x = new XMLHttpRequest(); x.open("GET", "' + otherSite +
resource+'?res=xhr-resp-spec-compliant&testid=xhr-src-redir-spec-compliant", false); ' +
resource+'?res=xhr-resp&testid=xhr-src-redir", false); ' +
'x.send(null);';
response.write(resp);
return;
}
// response to XHR
if (query["res"] == "xhr-resp-spec-compliant") {
if (query["res"] == "xhr-resp") {
response.setHeader("Access-Control-Allow-Origin", "*", false);
response.setHeader("Content-Type", "text/html", false);
response.write('XHR response...');

View File

@ -15,22 +15,22 @@
// These are test results: -1 means it hasn't run,
// true/false is the pass/fail result.
window.tests = {
img_spec_compliant_good: -1,
img_spec_compliant_bad: -1,
style_spec_compliant_good: -1,
style_spec_compliant_bad: -1,
frame_spec_compliant_good: -1,
frame_spec_compliant_bad: -1,
script_spec_compliant_good: -1,
script_spec_compliant_bad: -1,
xhr_spec_compliant_good: -1,
xhr_spec_compliant_bad: -1,
media_spec_compliant_good: -1,
media_spec_compliant_bad: -1,
font_spec_compliant_good: -1,
font_spec_compliant_bad: -1,
object_spec_compliant_good: -1,
object_spec_compliant_bad: -1,
img_good: -1,
img_bad: -1,
style_good: -1,
style_bad: -1,
frame_good: -1,
frame_bad: -1,
script_good: -1,
script_bad: -1,
xhr_good: -1,
xhr_bad: -1,
media_good: -1,
media_bad: -1,
font_good: -1,
font_bad: -1,
object_good: -1,
object_bad: -1,
};
// This is used to watch the blocked data bounce off CSP and allowed data

View File

@ -15,16 +15,16 @@
// These are test results: -1 means it hasn't run,
// true/false is the pass/fail result.
var framesThatShouldLoad = {
aa_allow_spec_compliant: -1, /* innermost frame allows a *
//aa_block_spec_compliant: -1, /* innermost frame denies a */
ab_allow_spec_compliant: -1, /* innermost frame allows a */
//ab_block_spec_compliant: -1, /* innermost frame denies a */
aba_allow_spec_compliant: -1, /* innermost frame allows b,a */
//aba_block_spec_compliant: -1, /* innermost frame denies b */
//aba2_block_spec_compliant: -1, /* innermost frame denies a */
abb_allow_spec_compliant: -1, /* innermost frame allows b,a */
//abb_block_spec_compliant: -1, /* innermost frame denies b */
//abb2_block_spec_compliant: -1, /* innermost frame denies a */
aa_allow: -1, /* innermost frame allows a *
//aa_block: -1, /* innermost frame denies a */
ab_allow: -1, /* innermost frame allows a */
//ab_block: -1, /* innermost frame denies a */
aba_allow: -1, /* innermost frame allows b,a */
//aba_block: -1, /* innermost frame denies b */
//aba2_block: -1, /* innermost frame denies a */
abb_allow: -1, /* innermost frame allows b,a */
//abb_block: -1, /* innermost frame denies b */
//abb2_block: -1, /* innermost frame denies a */
};
var expectedViolationsLeft = 6;

View File

@ -23,20 +23,20 @@ var done = 0;
// When a CSP 1.0 compliant policy is specified we should block inline
// styles applied by <style> element, style attribute, and SMIL <animate> and <set> tags
// (when it's not explicitly allowed.)
function checkStylesSpecCompliant(evt) {
function checkStyles(evt) {
var cspframe = document.getElementById('cspframe1');
var color;
// black means the style wasn't applied. green colors are used for styles
//expected to be applied. A color is red if a style is erroneously applied
color = window.getComputedStyle(cspframe.contentDocument.getElementById('linkstylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'External Stylesheet (CSP 1.0 spec compliant) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'External Stylesheet (' + color + ')');
color = window.getComputedStyle(cspframe.contentDocument.getElementById('inlinestylediv'),null)['color'];
ok('rgb(0, 0, 0)' === color, 'Inline Style TAG (CSP 1.0 spec compliant) (' + color + ')');
ok('rgb(0, 0, 0)' === color, 'Inline Style TAG (' + color + ')');
color = window.getComputedStyle(cspframe.contentDocument.getElementById('attrstylediv'),null)['color'];
ok('rgb(0, 0, 0)' === color, 'Style Attribute (CSP 1.0 spec compliant) (' + color + ')');
ok('rgb(0, 0, 0)' === color, 'Style Attribute (' + color + ')');
color = window.getComputedStyle(cspframe.contentDocument.getElementById('csstextstylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'cssText (CSP 1.0 spec compliant) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'cssText (' + color + ')');
// SMIL tests
color = window.getComputedStyle(cspframe.contentDocument.getElementById('xmlTest',null))['fill'];
ok('rgb(0, 0, 0)' === color, 'XML Attribute styling (SMIL) (' + color + ')');
@ -55,23 +55,23 @@ function checkStylesSpecCompliant(evt) {
// When a CSP 1.0 compliant policy is specified we should allow inline
// styles when it is explicitly allowed.
function checkStylesSpecCompliantAllowed(evt) {
function checkStylesAllowed(evt) {
var cspframe = document.getElementById('cspframe2');
var color;
// black means the style wasn't applied. green colors are used for styles
// expected to be applied. A color is red if a style is erroneously applied
color = window.getComputedStyle(cspframe.contentDocument.getElementById('linkstylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'External Stylesheet (CSP 1.0 spec compliant, allowed) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'External Stylesheet (' + color + ')');
color = window.getComputedStyle(cspframe.contentDocument.getElementById('inlinestylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'Inline Style TAG (CSP 1.0 spec compliant, allowed) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'Inline Style TAG (' + color + ')');
color = window.getComputedStyle(cspframe.contentDocument.getElementById('attrstylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'Style Attribute (CSP 1.0 spec compliant, allowed) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'Style Attribute (' + color + ')');
// Note that the below test will fail if "script-src: 'unsafe-inline'" breaks,
// since it relies on executing script to set .cssText
color = window.getComputedStyle(cspframe.contentDocument.getElementById('csstextstylediv'),null)['color'];
ok('rgb(0, 255, 0)' === color, 'style.cssText (CSP 1.0 spec compliant, allowed) (' + color + ')');
ok('rgb(0, 255, 0)' === color, 'style.cssText (' + color + ')');
// SMIL tests
color = window.getComputedStyle(cspframe.contentDocument.getElementById('xmlTest',null))['fill'];
ok('rgb(0, 255, 0)' === color, 'XML Attribute styling (SMIL) (' + color + ')');
@ -100,9 +100,9 @@ SpecialPowers.pushPrefEnv(
// save this for last so that our listeners are registered.
// ... this loads the testbed of good and bad requests.
document.getElementById('cspframe1').src = 'file_CSP_inlinestyle_main.html';
document.getElementById('cspframe1').addEventListener('load', checkStylesSpecCompliant, false);
document.getElementById('cspframe1').addEventListener('load', checkStyles, false);
document.getElementById('cspframe2').src = 'file_CSP_inlinestyle_main_allowed.html';
document.getElementById('cspframe2').addEventListener('load', checkStylesSpecCompliantAllowed, false);
document.getElementById('cspframe2').addEventListener('load', checkStylesAllowed, false);
}
);
</script>

View File

@ -68,24 +68,24 @@ examiner.prototype = {
window.examiner = new examiner();
// contains { test_frame_id : expected_result }
var testExpectedResults = { "font-src-spec-compliant": true,
"font-src-redir-spec-compliant": false,
"frame-src-spec-compliant": true,
"frame-src-redir-spec-compliant": false,
"img-src-spec-compliant": true,
"img-src-redir-spec-compliant": false,
"media-src-spec-compliant": true,
"media-src-redir-spec-compliant": false,
"object-src-spec-compliant": true,
"object-src-redir-spec-compliant": false,
"script-src-spec-compliant": true,
"script-src-redir-spec-compliant": false,
"style-src-spec-compliant": true,
"style-src-redir-spec-compliant": false,
"worker-spec-compliant": true,
"worker-redir-spec-compliant": false,
"xhr-src-spec-compliant": true,
"xhr-src-redir-spec-compliant": false,
var testExpectedResults = { "font-src": true,
"font-src-redir": false,
"frame-src": true,
"frame-src-redir": false,
"img-src": true,
"img-src-redir": false,
"media-src": true,
"media-src-redir": false,
"object-src": true,
"object-src-redir": false,
"script-src": true,
"script-src-redir": false,
"style-src": true,
"style-src-redir": false,
"worker": true,
"worker-redir": false,
"xhr-src": true,
"xhr-src-redir": false,
};
// takes the name of the test, the URL that was tested, and whether the