mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-25 11:15:34 +00:00
Bug 1583632 [wpt PR 19270] - Parse CSP frame-ancestors on responses by service worker., a=testonly
Automatic update from web-platform-tests Parse CSP frame-ancestors on responses by service worker. The parsed CSP data is later used in the browser process for enforcement of the frame-ancestors directive. Bug: 759184 Change-Id: Iee12fcd3f3e1f589891227b9426f9ef0df740875 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1819631 Commit-Queue: Lucas Gadani <lfg@chromium.org> Reviewed-by: Kinuko Yasuda <kinuko@chromium.org> Cr-Commit-Position: refs/heads/master@{#700798} -- wpt-commits: f59e2a67f1a4a14c03ba6da2a672ff93b0da91ad wpt-pr: 19270
This commit is contained in:
parent
c64c566107
commit
b279eb7348
@ -0,0 +1,36 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<script src="/resources/testharness.js"></script>
|
||||
<script src="/resources/testharnessreport.js"></script>
|
||||
<script src="/service-workers/service-worker/resources/test-helpers.sub.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
<script>
|
||||
var t = async_test("A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.");
|
||||
|
||||
// Register service worker.
|
||||
var worker = 'support/service-worker.js';
|
||||
var scope = 'support/service-worker/';
|
||||
service_worker_unregister_and_register(t, worker, scope)
|
||||
.then(registration => wait_for_state(t, registration.installing, 'activated'))
|
||||
.then(() => {
|
||||
// Load iframe.
|
||||
var iframe = document.createElement("iframe");
|
||||
function iframeLoaded(ev) {
|
||||
var failed = false;
|
||||
try {
|
||||
ev.target.contentWindow.location.href;
|
||||
failed = true;
|
||||
} catch (ex) {}
|
||||
t.step_func_done(() => assert_false(failed, "The IFrame should have been blocked. It wasn't."))();
|
||||
};
|
||||
iframe.addEventListener("load", iframeLoaded);
|
||||
iframe.addEventListener("error", iframeLoaded);
|
||||
iframe.src = "/content-security-policy/frame-ancestors/support/service-worker/frame-ancestors-none.html";
|
||||
document.body.appendChild(iframe);
|
||||
});
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -0,0 +1,10 @@
|
||||
self.onfetch = e => {
|
||||
e.respondWith(function() {
|
||||
return new Promise((resolve) => {
|
||||
var headers = new Headers;
|
||||
headers.append("Content-Security-Policy", "frame-ancestors 'none'");
|
||||
var response = new Response("", { "headers" : headers, "status": 200, "statusText" : "OK" });
|
||||
resolve(response);
|
||||
});
|
||||
}());
|
||||
};
|
Loading…
Reference in New Issue
Block a user