Adding upstream version 86.0.1.upstream/86.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 83 insertions, 0 deletions

diff --git a/dom/security/test/csp/test_reloadInFreshProcess.html b/dom/security/test/csp/test_reloadInFreshProcess.html
new file mode 100644
index 0000000000..4423b6c92c
--- /dev/null
+++ b/dom/security/test/csp/test_reloadInFreshProcess.html
@@ -0,0 +1,83 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1555050: Test CSP Navigation using ReloadInFreshProcess</title>
+  <script src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<iframe style="width:100%;" id="testframe_with_csp"></iframe>
+<iframe style="width:100%;" id="testframe_with_no_csp"></iframe>
+
+<script class="testbody" type="text/javascript">
+
+/*
+ * Description of the tests:
+ *
+ *        | Frame                       | Large Allocation Window     | Result
+ * -----------------------------------------------------------------------------
+ * Test 1 | "upgrade-insecure-requests" |                             | https
+ * Test 2 |                             | "upgrade-insecure-requests" | http
+ *
+ * Test 1:
+ * We load an iframe which uses 'upgrade-insecure-requests' which then opens an
+ * "http" window which uses the header "Large-Allocation". We observe that the
+ * request gets upgraded to use "https://test1.example.com".
+ *
+ * Test 2:
+ * We load an iframe which does not use any CSP and opens an "http" window
+ * which uses the header "Large-Allocation" as well as a CSP of
+ * "upgrade-insecure-requests". We observe that the request does not get
+ * upgraded to https but still uses "http://test2.example.com".
+ */
+
+SimpleTest.waitForExplicitFinish();
+
+let httpsCounter = 0;
+let httpCounter = 0;
+
+function checkTestComplete() {
+  if (httpsCounter == 1 && httpCounter == 1) {
+    ok(true, "Frame with CSP caused upgrade; Frame with no CSP caused no upgrade");
+    window.URLExaminer.remove();
+    SimpleTest.finish();
+  }
+}
+
+function examiner() {
+  SpecialPowers.addObserver(this, "specialpowers-http-notify-request");
+}
+examiner.prototype  = {
+  observe(subject, topic, data) {
+    if (topic === "specialpowers-http-notify-request") {
+      if (data === "https://test1.example.com/tests/dom/security/test/csp/file_reloadInFreshProcess.sjs?largeAllocation_with_no_csp") {
+        httpsCounter++;
+        checkTestComplete();
+        return;
+      }
+      if (data === "http://test2.example.com/tests/dom/security/test/csp/file_reloadInFreshProcess.sjs?largeAllocation_with_csp") {
+        httpCounter++;
+        checkTestComplete();
+        return;
+      }
+    }
+  },
+  remove() {
+    SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
+  }
+}
+window.URLExaminer = new examiner();
+
+function runTest() {
+  let testframe_with_csp = document.getElementById("testframe_with_csp");
+  testframe_with_csp.src = "http://test1.example.com/tests/dom/security/test/csp/file_reloadInFreshProcess.sjs?testframe_with_csp";
+
+ let testframe_with_no_csp = document.getElementById("testframe_with_no_csp");
+ testframe_with_no_csp.src = "http://test2.example.com/tests/dom/security/test/csp/file_reloadInFreshProcess.sjs?testframe_with_no_csp"; 
+}
+
+SpecialPowers.pushPrefEnv({"set": [["dom.largeAllocation.forceEnable", true]]}, runTest);
+
+</script>
+</body>
+</html>