Bug 1583632 [wpt PR 19270] - Parse CSP frame-ancestors on responses by service worker., a=testonly

Automatic update from web-platform-tests
Parse CSP frame-ancestors on responses by service worker.

The parsed CSP data is later used in the browser process for
enforcement of the frame-ancestors directive.

Bug: 759184
Change-Id: Iee12fcd3f3e1f589891227b9426f9ef0df740875
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1819631
Commit-Queue: Lucas Gadani <lfg@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#700798}

--

wpt-commits: f59e2a67f1a4a14c03ba6da2a672ff93b0da91ad
wpt-pr: 19270

testing/web-platform/tests/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html

@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
+</head>
+<body>
+  <script>
+    var t = async_test("A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.");
+
+    // Register service worker.
+    var worker = 'support/service-worker.js';
+    var scope = 'support/service-worker/';
+    service_worker_unregister_and_register(t, worker, scope)
+      .then(registration => wait_for_state(t, registration.installing, 'activated'))
+      .then(() => {
+        // Load iframe.
+        var iframe = document.createElement("iframe");
+        function iframeLoaded(ev) {
+          var failed = false;
+          try {
+            ev.target.contentWindow.location.href;
+            failed = true;
+          } catch (ex) {}
+          t.step_func_done(() => assert_false(failed, "The IFrame should have been blocked. It wasn't."))();
+        };
+        iframe.addEventListener("load", iframeLoaded);
+        iframe.addEventListener("error", iframeLoaded);
+        iframe.src = "/content-security-policy/frame-ancestors/support/service-worker/frame-ancestors-none.html";
+        document.body.appendChild(iframe);
+      });
+  </script>
+</body>
+</html>
+

testing/web-platform/tests/content-security-policy/frame-ancestors/support/service-worker.js

@@ -0,0 +1,10 @@
+self.onfetch = e => {
+  e.respondWith(function() {
+    return new Promise((resolve) => {
+      var headers = new Headers;
+      headers.append("Content-Security-Policy", "frame-ancestors 'none'");
+      var response = new Response("", { "headers" : headers, "status": 200, "statusText" : "OK" });
+      resolve(response);
+    });
+  }());
+};