Adding upstream version 86.0.1.upstream/86.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 33 insertions, 0 deletions

diff --git a/dom/security/test/general/file_nosniff_navigation_mismatch.sjs b/dom/security/test/general/file_nosniff_navigation_mismatch.sjs
new file mode 100644
index 0000000000..3b34389c4b
--- /dev/null
+++ b/dom/security/test/general/file_nosniff_navigation_mismatch.sjs
@@ -0,0 +1,33 @@
+// Custom *.sjs file specifically for the needs of Bug 1286861
+
+// small red image
+const IMG = atob(
+  "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
+  "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==");
+
+function getSniffableContent(selector){
+  switch(selector){
+  case "xml":
+    return `<?xml version="1.0"?><test/>`;
+  case "html":
+    return `<!Doctype html> <html> <head></head> <body> Test test </body></html>`;
+  case 'js':
+    return `<script> alert("This shouldt not be executed"); </script>`
+  case "css":
+    return `*{ color: pink !important; }`;
+  case 'json':
+      return `{ 'test':'yes' }`;
+  case 'img':
+      return IMG;
+  }
+  return "Basic UTF-8 Text";
+}
+
+function handleRequest(request, response)
+{
+  // avoid confusing cache behaviors
+  response.setHeader('X-Content-Type-Options', 'nosniff'); // Disable Sniffing
+  response.setHeader("Content-Type","image/png");  // Send a wrong mime type
+  response.write(getSniffableContent(request.queryString));
+  return;
+}