50 lines
No EOL
1.7 KiB
HTML
50 lines
No EOL
1.7 KiB
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
|
|
<head>
|
|
<title> Bug 1505412 CSP-RO reports violations in inline-scripts with nonce</title>
|
|
<script src="/tests/SimpleTest/SimpleTest.js" nonce="foobar"></script>
|
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
|
|
|
|
|
<body>
|
|
<p id="display"></p>
|
|
<div id="content" style="display: none">
|
|
</div>
|
|
|
|
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1505412">Test for 1505412 </a>
|
|
<script class="testbody" type="text/javascript" nonce="foobar">
|
|
/* Description of the test:
|
|
1: We setup a Proxy that will cause the Test to Fail
|
|
if Firefox sends a CSP-Report to /report
|
|
2: We Load an iframe with has a Script pointing to
|
|
file_bug1505412.sjs
|
|
3: The Preloader will fetch the file and Gets redirected
|
|
4: If correct, the File should be loaded and no CSP-Report
|
|
should be send.
|
|
*/
|
|
|
|
|
|
|
|
SimpleTest.waitForExplicitFinish();
|
|
SimpleTest.requestCompleteLog();
|
|
SimpleTest.requestLongerTimeout(2); // Or might fail for Linux-Debug in some cases.
|
|
var script;
|
|
|
|
window.addEventListener("load",()=>{
|
|
let t = document.querySelector("#target");
|
|
t.src = "file_bug1505412_frame.html";
|
|
t.addEventListener("load",async () => {
|
|
let reportCount = await fetch("file_bug1505412_reporter.sjs?state").then(r => r.text());
|
|
info(reportCount);
|
|
ok(reportCount == 0 , "Script Loaded without CSP beeing triggered");
|
|
await fetch("file_bug1505412_reporter.sjs?flush");
|
|
SimpleTest.finish();
|
|
});
|
|
})
|
|
|
|
</script>
|
|
<iframe id="target" frameborder="0"></iframe>
|
|
</body>
|
|
|
|
</html> |