horok/firefox
1
0
Fork 0
Code Activity
firefox/testing/web-platform/tests/html/cross-origin-embedder-policy/header-parsing.https.html
Daniel Baumann 5e9a113729
Adding upstream version 140.0. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-25 09:37:52 +02:00

85 lines
2.6 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html>
<meta charset="utf-8">
<meta name="timeout" content="long">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<body>
<script>
'use strict';
function createIframe(t, values) {
const parent = document.createElement('iframe');
const child = document.createElement('iframe');
const params = values.map((value) => {
const percentEncodedValue = typeof value === "object" ? value.percentEncoded : encodeURIComponent(value);
return `value=${percentEncodedValue}`;
});
parent.setAttribute('src', `resources/empty-coep.py?${params.join("&")}`);
document.body.appendChild(parent);
t.add_cleanup(() => parent.remove());
return new Promise((resolve, reject) => {
parent.onload = resolve;
parent.onerror = () =>
reject(new Error(`failed to load from ${parent.src}`));
})
.then(() => {
child.setAttribute('src', '/common/blank.html');
parent.contentDocument.body.appendChild(child);
return new Promise((resolve) => {
child.onload = resolve;
child.onerror = () =>
reject(new Error(`failed to load from ${child.src}`));
});
})
.then(() => child);
}
[
[],
[''],
['jibberish'],
[{ percentEncoded: 'require%FFcorp' }], // non-ASCII byte
['require-corp;'],
['\u000brequire-corp\u000b'], // vertical tab
['\u000crequire-corp\u000c'], // form feed
['\u000drequire-corp\u000d'], // carriage return
['Require-corp'],
['"require-corp"'], // HTTP structured header "string" item
[':cmVxdWlyZS1jb3Jw:'], // HTTP structured header "byte sequence" item
['require-corp;\tfoo=bar'],
['require-corp require-corp'],
['require-corp,require-corp'],
['require-corp', 'require-corp'],
['', 'require-corp'],
['require-corp', ''],
].forEach((values) => {
promise_test((t) => {
return createIframe(t, values)
.then((child) => {
assert_not_equals(child.contentDocument, null);
});
}, 'navigation allowed for ' + JSON.stringify(values));
});
[
['require-corp'],
[' require-corp '],
['\trequire-corp\t'], // leading and trailing OWS is not part of the field-value per HTTP
[' \trequire-corp'],
['require-corp\t '],
['require-corp; foo=bar'],
['require-corp;require-corp'],
['require-corp; report-to="data:', '"'], // `require-corp; report-to="data:, "`
].forEach((values) => {
promise_test((t) => {
return createIframe(t, values)
.then((child) => {
assert_equals(child.contentDocument, null);
});
}, 'navigation blocked for ' + JSON.stringify(values));
});
</script>
</body>
</html>
View git blame Copy permalink