Bug 945268 - Modify CSP tests to work on multiprocess (e10s/B2G). r=sstamm, r=rcampbell
parent
8fbc799a9d
commit
a56a5ea0c3
@ -2,23 +2,20 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for Content Security Policy Connections</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
|
||||
<iframe style="width:200px;height:200px;" id='cspframe2'></iframe>
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
var path = "/tests/content/base/test/csp/";
|
||||
|
||||
// These are test results: -1 means it hasn't run,
|
||||
// These are test results: -1 means it hasn't run,
|
||||
// true/false is the pass/fail result.
|
||||
window.tests = {
|
||||
img_good: -1,
|
||||
@ -55,37 +52,34 @@ window.tests = {
|
||||
object_spec_compliant_bad: -1,
|
||||
};
|
||||
|
||||
|
||||
// This is used to watch the blocked data bounce off CSP and allowed data
|
||||
// This is used to watch the blocked data bounce off CSP and allowed data
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
//_good things better be allowed!
|
||||
//_bad things better be stopped!
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
//these things were allowed by CSP
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
// This is a special observer topic that is proxied from
|
||||
// http-on-modify-request in the parent process to inform us when a URI is
|
||||
// loaded
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
|
||||
window.testResult(testid,
|
||||
/_good/.test(testid),
|
||||
asciiSpec + " allowed by csp");
|
||||
uri + " allowed by csp");
|
||||
}
|
||||
|
||||
if(topic === "csp-on-violate-policy") {
|
||||
//these were blocked... record that they were blocked
|
||||
if (topic === "csp-on-violate-policy") {
|
||||
// these were blocked... record that they were blocked
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
@ -95,11 +89,11 @@ examiner.prototype = {
|
||||
}
|
||||
},
|
||||
|
||||
// must eventually call this to remove the listener,
|
||||
// must eventually call this to remove the listener,
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
@ -126,7 +120,13 @@ window.testResult = function(testname, result, msg) {
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
SpecialPowers.pushPrefEnv(
|
||||
{'set':[["security.csp.speccompliant", true]]},
|
||||
{'set':[["security.csp.speccompliant", true],
|
||||
// This defaults to 0 ("preload none") on mobile (B2G/Android), which
|
||||
// blocks loading the resource until the user interacts with a
|
||||
// corresponding widget, which breaks the media_* tests. We set it
|
||||
// back to the default used by desktop Firefox to get consistent
|
||||
// behavior.
|
||||
["media.preload.default", 2]]},
|
||||
function() {
|
||||
// save this for last so that our listeners are registered.
|
||||
// ... this loads the testbed of good and bad requests.
|
||||
|
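Review bot: In the new `specialpowers-http-notify-request` branch of `observe`, the URI is matched twice, first with `testpat.test(uri)` and then with `testpat.exec(uri)[1]`; a single `var match = testpat.exec(uri); if (!match) return;` followed by `var testid = match[1];` does the same work and never indexes into a null result. The same pair of calls is carried into the other test files in this commit that gained this branch. `data` is now a plain string relayed from the parent process rather than something the observer read from a channel itself, and only this file has a comment explaining the proxied topic; the other files would benefit from the same comment. `observe` continues outside the hunk.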
@ -26,22 +26,16 @@ window.tests = {
|
||||
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-zA-Z]+)");
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
//these things were allowed by CSP
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec))
|
||||
return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
window.testResult(testid,
|
||||
/Loaded/.test(testid),
|
||||
"resource loaded");
|
||||
@ -70,7 +64,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -19,24 +19,20 @@
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
completedTests: 0,
|
||||
totalTests: 4,
|
||||
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
//these things were allowed by CSP
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
// these things were allowed by CSP
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
if (testid === "img_bad") {
|
||||
// img_bad should be *allowed* because the policy is report-only
|
||||
ok(true, "Inline scripts should execute (because the policy is report-only)");
|
||||
@ -69,7 +65,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -33,29 +33,25 @@ window.tests = {
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
//_good things better be allowed!
|
||||
//_bad things better be stopped!
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
//these things were allowed by CSP
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
|
||||
window.testResult(testid,
|
||||
/_good/.test(testid),
|
||||
asciiSpec + " allowed by csp");
|
||||
uri + " allowed by csp");
|
||||
}
|
||||
|
||||
if(topic === "csp-on-violate-policy") {
|
||||
@ -73,7 +69,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2,16 +2,13 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for Content Security Policy "no eval" base restriction</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<iframe style="width:100%;height:300px;" id='cspframe'></iframe>
|
||||
<iframe style="width:100%;height:300px;" id='cspframe2'></iframe>
|
||||
<iframe style="width:100%;height:300px;" id='cspframe3'></iframe>
|
||||
@ -23,7 +20,6 @@ var evalScriptsThatRan = 0;
|
||||
var evalScriptsBlocked = 0;
|
||||
var evalScriptsTotal = 24;
|
||||
|
||||
|
||||
// called by scripts that run
|
||||
var scriptRan = function(shouldrun, testname, data) {
|
||||
evalScriptsThatRan++;
|
||||
|
@ -2,16 +2,13 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for Content Security Policy "no eval" in crypto.getCRMFRequest()</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<iframe style="width:100%;height:300px;" id='cspframe'></iframe>
|
||||
<iframe style="width:100%;height:300px;" id='cspframe2'></iframe>
|
||||
<iframe style="width:100%;height:300px;" id='cspframe3'></iframe>
|
||||
@ -24,7 +21,6 @@ var evalScriptsThatRan = 0;
|
||||
var evalScriptsBlocked = 0;
|
||||
var evalScriptsTotal = 4;
|
||||
|
||||
|
||||
// called by scripts that run
|
||||
var scriptRan = function(shouldrun, testname, data) {
|
||||
evalScriptsThatRan++;
|
||||
@ -39,7 +35,6 @@ var scriptBlocked = function(shouldrun, testname, data) {
|
||||
checkTestResults();
|
||||
}
|
||||
|
||||
|
||||
// Check to see if all the tests have run
|
||||
var checkTestResults = function() {
|
||||
// if any test is incomplete, keep waiting
|
||||
|
@ -2,23 +2,20 @@
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for Content Security Policy Frame Ancestors directive</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<iframe style="width:100%;height:300px;" id='cspframe'></iframe>
|
||||
<iframe style="width:100%;height:300px;" id='cspframe2'></iframe>
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
var path = "/tests/content/base/test/csp/";
|
||||
|
||||
// These are test results: -1 means it hasn't run,
|
||||
// These are test results: -1 means it hasn't run,
|
||||
// true/false is the pass/fail result.
|
||||
var framesThatShouldLoad = {
|
||||
aa_allow: -1, /* innermost frame allows a */
|
||||
@ -47,7 +44,7 @@ var framesThatShouldLoad = {
|
||||
|
||||
var expectedViolationsLeft = 14;
|
||||
|
||||
// This is used to watch the blocked data bounce off CSP and allowed data
|
||||
// This is used to watch the blocked data bounce off CSP and allowed data
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
@ -57,7 +54,7 @@ examiner.prototype = {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
|
||||
if (topic === "csp-on-violate-policy") {
|
||||
//these were blocked... record that they were blocked
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
|
||||
@ -65,7 +62,7 @@ examiner.prototype = {
|
||||
}
|
||||
},
|
||||
|
||||
// must eventually call this to remove the listener,
|
||||
// must eventually call this to remove the listener,
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
|
@ -24,18 +24,14 @@ var totalTests = 2;
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if(!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (asciiSpec == prefixedHeaderImgURL || asciiSpec == unprefixedHeaderImgURL) {
|
||||
is(asciiSpec, unprefixedHeaderImgURL, "Load was allowed - should be allowed by unprefixed header (blocked by prefixed)");
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
var allowedUri = data;
|
||||
if (allowedUri == prefixedHeaderImgURL || allowedUri == unprefixedHeaderImgURL) {
|
||||
is(allowedUri, unprefixedHeaderImgURL, "Load was allowed - should be allowed by unprefixed header (blocked by prefixed)");
|
||||
testRan();
|
||||
}
|
||||
}
|
||||
@ -55,7 +51,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -43,22 +43,16 @@ window.violation_reports = {
|
||||
// get sent out to the wire. This also watches for violation reports to go out.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if(!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(
|
||||
SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"),
|
||||
"URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
|
||||
// violation reports don't come through here, but the requested resources do
|
||||
// if the test has already finished, move on. Some things throw multiple
|
||||
@ -68,8 +62,8 @@ examiner.prototype = {
|
||||
} catch(e) { return; }
|
||||
|
||||
// these are requests that were allowed by CSP
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
window.testResult(testid, 'allowed', asciiSpec + " allowed by csp");
|
||||
var testid = testpat.exec(uri)[1];
|
||||
window.testResult(testid, 'allowed', uri + " allowed by csp");
|
||||
}
|
||||
|
||||
if(topic === "csp-on-violate-policy") {
|
||||
@ -112,7 +106,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
window.bug836922examiner = new examiner();
|
||||
|
@ -9,10 +9,7 @@
|
||||
<body>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<iframe style="width:200px;height:200px;" id='cspframe' sandbox="allow-same-origin"></iframe>
|
||||
<iframe style="width:200px;height:200px;" id='cspframe2' sandbox></iframe>
|
||||
<iframe style="width:200px;height:200px;" id='cspframe3' sandbox="allow-same-origin"></iframe>
|
||||
@ -96,28 +93,24 @@ function ok_wrapper(result, desc) {
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
//_good things better be allowed!
|
||||
//_bad things better be stopped!
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
//these things were allowed by CSP
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
var testid = testpat.exec(asciiSpec)[1];
|
||||
var uri = data;
|
||||
if (!testpat.test(uri)) return;
|
||||
var testid = testpat.exec(uri)[1];
|
||||
|
||||
window.testResult(testid,
|
||||
/_good/.test(testid),
|
||||
asciiSpec + " allowed by csp");
|
||||
uri + " allowed by csp");
|
||||
}
|
||||
|
||||
if(topic === "csp-on-violate-policy") {
|
||||
@ -135,7 +128,7 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -20,6 +20,7 @@ var path = "/tests/content/base/test/csp/";
|
||||
// debugging
|
||||
function log(s) {
|
||||
return;
|
||||
dump("**" + s + "\n");
|
||||
var log = document.getElementById("log");
|
||||
log.textContent = log.textContent+s+"\n";
|
||||
}
|
||||
@ -27,26 +28,22 @@ function log(s) {
|
||||
// used to watch if requests are blocked by CSP or allowed through
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
}
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
// subject should be an nsURI, and should be either allowed or blocked.
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testpat = new RegExp("testid=([a-z0-9-]+)");
|
||||
var asciiSpec;
|
||||
var testid;
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
// request was sent
|
||||
asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
testid = testpat.exec(asciiSpec)[1];
|
||||
var allowedUri = data;
|
||||
if (!testpat.test(allowedUri)) return;
|
||||
testid = testpat.exec(allowedUri)[1];
|
||||
if (testExpectedResults[testid] == "completed") return;
|
||||
log("allowed: "+asciiSpec);
|
||||
window.testResult(testid, asciiSpec, true);
|
||||
log("allowed: "+allowedUri);
|
||||
window.testResult(testid, allowedUri, true);
|
||||
}
|
||||
|
||||
else if (topic === "csp-on-violate-policy") {
|
||||
@ -65,7 +62,7 @@ examiner.prototype = {
|
||||
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
window.examiner = new examiner();
|
||||
@ -132,7 +129,13 @@ var testResult = function(testName, url, result) {
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
SpecialPowers.pushPrefEnv(
|
||||
{'set':[["security.csp.speccompliant", true]]},
|
||||
{'set':[["security.csp.speccompliant", true],
|
||||
// This defaults to 0 ("preload none") on mobile (B2G/Android), which
|
||||
// blocks loading the resource until the user interacts with a
|
||||
// corresponding widget, which breaks the media_* tests. We set it
|
||||
// back to the default used by desktop Firefox to get consistent
|
||||
// behavior.
|
||||
["media.preload.default", 2]]},
|
||||
function() {
|
||||
// save this for last so that our listeners are registered.
|
||||
// ... this loads the testbed of good and bad requests.
|
||||
|
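Review bot: `log()` now begins with a bare `return;`, so the `dump(...)` call and the write to the `log` element below it can never run. If the intent is to silence debug output by default, say so at the top of the function, for example `// Debug logging is off by default; delete the return below to enable it.`, or drop the unreachable statements. As written, the next reader cannot tell whether the early return was left in by accident.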
@ -26,25 +26,21 @@ var expectedScriptInlineViolations = 1;
|
||||
|
||||
// This is used to watch the blocked data bounce off CSP
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "http-on-modify-request", false);
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
|
||||
}
|
||||
|
||||
examiner.prototype = {
|
||||
observe: function(subject, topic, data) {
|
||||
if (!SpecialPowers.can_QI(subject))
|
||||
return;
|
||||
|
||||
var testid_re = new RegExp("testid=([a-z0-9_]+)");
|
||||
|
||||
//_good things better be allowed!
|
||||
//_bad things better be blocked!
|
||||
|
||||
if (topic === "http-on-modify-request") {
|
||||
// these things were allowed by CSP
|
||||
var allowed_uri = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIHttpChannel"), "URI.asciiSpec");
|
||||
if (!testid_re.test(allowed_uri)) return;
|
||||
var testid = testid_re.exec(allowed_uri)[1];
|
||||
if (topic === "specialpowers-http-notify-request") {
|
||||
var uri = data;
|
||||
if (!testid_re.test(uri)) return;
|
||||
var testid = testid_re.exec(uri)[1];
|
||||
ok(/_good/.test(testid), "Allowed URI with testid " + testid);
|
||||
ranTests(1);
|
||||
}
|
||||
@ -59,6 +55,7 @@ examiner.prototype = {
|
||||
ranTests(1);
|
||||
} catch (e) {
|
||||
// if the subject is blocked inline, data will be a violation msg (defined at the top of contentSecurityPolicy.js)
|
||||
//dump("** exception in csp-on-violate-policy: " + e + "\n");
|
||||
var violation_msg = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsISupportsCString"), "data");
|
||||
if (/Inline Script/.test(violation_msg)) {
|
||||
if (/Inline Script had invalid nonce/.test(violation_msg))
|
||||
@ -73,7 +70,7 @@ examiner.prototype = {
|
||||
},
|
||||
// must eventually call this to remove the listener, or mochitests might get borked.
|
||||
remove: function() {
|
||||
SpecialPowers.removeObserver(this, "http-on-modify-request");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
}
|
||||
}
|
||||
|
@ -205,18 +205,6 @@
|
||||
"content/base/test/test_object.html":"needs plugin support",
|
||||
"content/base/test/test_bug827160.html": "needs plugin support",
|
||||
|
||||
"content/base/test/csp/test_CSP_evalscript.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP_evalscript_getCRMFRequest.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP_frameancestors.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP.html":"observer not working",
|
||||
"content/base/test/csp/test_bug836922_npolicies.html":"observer not working",
|
||||
"content/base/test/csp/test_bug886164.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP_bug916446.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP_bug909029.html":"observer not working",
|
||||
"content/base/test/csp/test_policyuri_regression_from_multipolicy.html":"observer not working",
|
||||
"content/base/test/csp/test_nonce_source.html":"observer not working",
|
||||
"content/base/test/csp/test_CSP_bug941404.html":"observer not working",
|
||||
|
||||
"content/base/test/test_CrossSiteXHR_origin.html":"https not working, bug 907770",
|
||||
"content/base/test/test_plugin_freezing.html":"",
|
||||
"content/base/test/test_bug466409.html":"",
|
||||
@ -229,7 +217,6 @@
|
||||
"content/base/test/test_bug717511.html":"",
|
||||
"content/base/test/test_copypaste.xhtml":"bug 904183",
|
||||
"content/base/test/test_copypaste.xul":"bug 904183",
|
||||
"content/base/test/csp/test_csp_redirects.html":"",
|
||||
"content/base/test/test_fileapi_slice.html":"",
|
||||
"content/base/test/test_mixed_content_blocker.html":"",
|
||||
"content/base/test/test_mixed_content_blocker_bug803225.html":"",
|
||||
@ -255,7 +242,6 @@
|
||||
"content/svg/content/test/test_text_selection.html":"Mouse selection not workin on b2g",
|
||||
"content/svg/content/test/test_SVGAnimatedImageSMILDisabled.html":"",
|
||||
"content/xml/document/test/test_bug392338.html":"",
|
||||
"content/base/test/csp/test_bothCSPheaders.html":"",
|
||||
"content/base/test/test_bug383430.html":"",
|
||||
"content/base/test/test_bug422403-2.xhtml":"",
|
||||
"content/base/test/test_bug424359-1.html":"",
|
||||
@ -433,6 +419,8 @@
|
||||
"layout/style/test/test_visited_reftests.html":"bug 870262, :visited support",
|
||||
|
||||
"Harness_sanity/test_sanityEventUtils.html": "bug 688052",
|
||||
"Harness_sanity/test_sanitySimpletest.html": "bug 688052"
|
||||
"Harness_sanity/test_sanitySimpletest.html": "bug 688052",
|
||||
|
||||
"content/base/test/csp/test_CSP_evalscript_getCRMFRequest.html":"no window.crypto support in multiprocess"
|
||||
}
|
||||
}
|
||||
|
@ -70,6 +70,13 @@ SpecialPowersObserver.prototype = new SpecialPowersObserverAPI();
|
||||
}
|
||||
break;
|
||||
|
||||
case "http-on-modify-request":
|
||||
if (aSubject instanceof Ci.nsIChannel) {
|
||||
let uri = aSubject.URI.spec;
|
||||
this._sendAsyncMessage("specialpowers-http-notify-request", { uri: uri });
|
||||
}
|
||||
break;
|
||||
|
||||
case "xpcom-shutdown":
|
||||
this.uninit();
|
||||
break;
|
||||
@ -99,6 +106,7 @@ SpecialPowersObserver.prototype = new SpecialPowersObserverAPI();
|
||||
var obs = Services.obs;
|
||||
obs.addObserver(this, "xpcom-shutdown", false);
|
||||
obs.addObserver(this, "chrome-document-global-created", false);
|
||||
obs.addObserver(this, "http-on-modify-request", false);
|
||||
|
||||
if (messageManager) {
|
||||
this._messageManager = messageManager;
|
||||
@ -110,6 +118,7 @@ SpecialPowersObserver.prototype = new SpecialPowersObserverAPI();
|
||||
{
|
||||
var obs = Services.obs;
|
||||
obs.removeObserver(this, "chrome-document-global-created");
|
||||
obs.removeObserver(this, "http-on-modify-request");
|
||||
this._removeProcessCrashObservers();
|
||||
};
|
||||
|
||||
|
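Review bot: The new `http-on-modify-request` case forwards `aSubject.URI.spec`, whereas the test observers it replaces read `URI.asciiSpec` from the channel; for a URL containing non-ASCII characters the two strings can differ. Tests in this commit compare the relayed value by equality (`allowedUri == prefixedHeaderImgURL`), so keeping the earlier form avoids a silent mismatch: `let uri = aSubject.URI.asciiSpec;`. Separately, this case relays the URL of every channel the parent process observes, whether or not any test has registered for the topic; a short comment stating that this is intentional and limited to the test harness would help. The enclosing function starts outside the hunk.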
@ -973,7 +973,27 @@ SpecialPowersAPI.prototype = {
|
||||
return this._sendSyncMessage("SPWebAppService", message);
|
||||
},
|
||||
|
||||
_proxiedObservers: {
|
||||
"specialpowers-http-notify-request": function(aMessage) {
|
||||
let uri = aMessage.json.uri;
|
||||
Services.obs.notifyObservers(null, "specialpowers-http-notify-request", uri);
|
||||
},
|
||||
},
|
||||
|
||||
_addObserverProxy: function(notification) {
|
||||
if (notification in this._proxiedObservers) {
|
||||
this._addMessageListener(notification, this._proxiedObservers[notification]);
|
||||
}
|
||||
},
|
||||
|
||||
_removeObserverProxy: function(notification) {
|
||||
if (notification in this._proxiedObservers) {
|
||||
this._removeMessageListener(notification, this._proxiedObservers[notification]);
|
||||
}
|
||||
},
|
||||
|
||||
addObserver: function(obs, notification, weak) {
|
||||
this._addObserverProxy(notification);
|
||||
if (typeof obs == 'object' && obs.observe.name != 'SpecialPowersCallbackWrapper')
|
||||
obs.observe = wrapCallback(obs.observe);
|
||||
var obsvc = Cc['@mozilla.org/observer-service;1']
|
||||
@ -981,6 +1001,7 @@ SpecialPowersAPI.prototype = {
|
||||
obsvc.addObserver(obs, notification, weak);
|
||||
},
|
||||
removeObserver: function(obs, notification) {
|
||||
this._removeObserverProxy(notification);
|
||||
var obsvc = Cc['@mozilla.org/observer-service;1']
|
||||
.getService(Ci.nsIObserverService);
|
||||
obsvc.removeObserver(obs, notification);
|
||||
|
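Review bot: `_removeObserverProxy` drops the message listener on the first `removeObserver` call for a proxied topic, even if other observers registered through `addObserver` for the same topic are still active; those would stop receiving `specialpowers-http-notify-request` (whether two observers ever coexist on one SpecialPowers instance is not visible here). `_addObserverProxy` likewise calls `_addMessageListener` once per observer with the same handler, and whether that produces duplicate deliveries depends on `_addMessageListener`, which is outside these hunks. Counting registrations per topic and touching the listener only on the first add and the last remove avoids both. `addObserver` and `removeObserver` continue outside the hunks.

```javascript
  _addObserverProxy: function(notification) {
    if (!(notification in this._proxiedObservers)) {
      return;
    }
    // Per-instance count of observers registered for each proxied topic.
    if (!this._proxiedObserverCounts) {
      this._proxiedObserverCounts = {};
    }
    var count = this._proxiedObserverCounts[notification] || 0;
    if (count === 0) {
      this._addMessageListener(notification, this._proxiedObservers[notification]);
    }
    this._proxiedObserverCounts[notification] = count + 1;
  },

  _removeObserverProxy: function(notification) {
    if (!(notification in this._proxiedObservers)) {
      return;
    }
    var count = (this._proxiedObserverCounts || {})[notification] || 0;
    if (count === 0) {
      return;
    }
    this._proxiedObserverCounts[notification] = count - 1;
    // Only the last observer for a topic tears down the shared listener.
    if (count === 1) {
      this._removeMessageListener(notification, this._proxiedObservers[notification]);
    }
  },

  // … unchanged: addObserver / removeObserver call the two helpers above …
```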