mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 16:25:38 +00:00
a1b638d149
MozReview-Commit-ID: DfvN9mAFYhI --HG-- rename : testing/web-platform/tests/conformance-checkers/html-svg/animate-elem-77-t-novalid.html => testing/web-platform/tests/conformance-checkers/html-svg/animate-elem-77-t-isvalid.html rename : testing/web-platform/tests/conformance-checkers/html-svg/linking-a-10-f-novalid.html => testing/web-platform/tests/conformance-checkers/html-svg/linking-a-10-f-isvalid.html rename : testing/web-platform/tests/conformance-checkers/html/elements/picture/srcset-microsyntax-leading-dot-x-novalid.html => testing/web-platform/tests/conformance-checkers/html/elements/picture/srcset-microsyntax-leading-dot-x-valid.html rename : testing/web-platform/tests/content-security-policy/_unapproved/script-nonces-hidden.html.headers => testing/web-platform/tests/content-security-policy/nonce-hiding/script-nonces-hidden.tentative.html.headers rename : testing/web-platform/tests/content-security-policy/_unapproved/svgscript-nonces-hidden.html.headers => testing/web-platform/tests/content-security-policy/nonce-hiding/svgscript-nonces-hidden.tentative.html.headers rename : testing/web-platform/tests/html/semantics/interactive-elements/context-menus/contextmenu-event-manual.htm => testing/web-platform/tests/html/webappapis/scripting/events/contextmenu-event-manual.htm
85 lines
2.3 KiB
HTML
85 lines
2.3 KiB
HTML
<!DOCTYPE html>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="./support/helper.js"></script>
|
|
<body>
|
|
<script>
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "./support/xfo.py?value=INVALID";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "`XFO: INVALID` allows same-origin framing.");
|
|
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "http://{{domains[www]}}:{{ports[http][0]}}/x-frame-options/support/xfo.py?value=INVALID";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "`XFO: INVALID` allows cross-origin framing.");
|
|
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "./support/xfo.py?value=ALLOWALL";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "`XFO: ALLOWALL` allows same-origin framing.");
|
|
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "http://{{domains[www]}}:{{ports[http][0]}}/x-frame-options/support/xfo.py?value=ALLOWALL";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "`XFO: ALLOWALL` allows cross-origin framing.");
|
|
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "./support/xfo.py?value=";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "Empty `XFO:` allows same-origin framing.");
|
|
|
|
async_test(t => {
|
|
var i = document.createElement('iframe');
|
|
i.src = "http://{{domains[www]}}:{{ports[http][0]}}/x-frame-options/support/xfo.py?value=";
|
|
|
|
wait_for_message_from(i, t)
|
|
.then(t.step_func_done(e => {
|
|
assert_equals(e.data, "Loaded");
|
|
i.remove();
|
|
}));
|
|
|
|
document.body.appendChild(i);
|
|
}, "Empty `XFO:` allows cross-origin framing.");
|
|
</script>
|