diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
| commit | 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch) | |
| tree | a31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html | |
| parent | Initial commit. (diff) | |
| download | firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip | |
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html')
| -rw-r--r-- | testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html | 102 |
1 files changed, 102 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html b/testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html new file mode 100644 index 0000000000..73e974e51a --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html @@ -0,0 +1,102 @@ +<!DOCTYPE html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> + +<meta http-equiv="Content-Security-Policy" content="img-src 'self'"> + +<body> + +<script> + function wait_for_error_from_frame(frame, test) { + window.addEventListener('message', test.step_func(e => { + if (e.source != frame.contentWindow) + return; + assert_equals(e.data, "load"); + frame.remove(); + test.done(); + })); + } + + async_test(t => { + var i = document.createElement('iframe'); + document.body.appendChild(i); + + var img = document.createElement('img'); + img.onload = t.step_func_done(_ => i.remove()); + img.onerror = t.unreached_func(); + i.contentDocument.body.appendChild(img); + img.src = "{{location[server]}}/images/red-16x16.png"; + }, "<iframe>'s about:blank inherits policy."); + + async_test(t => { + var i = document.createElement('iframe'); + i.srcdoc = ` + <img src='{{location[server]}}/images/red-16x16.png' + onload='window.top.postMessage("load", "*");' + onerror='window.top.postMessage("error", "*");' + > + `; + + wait_for_error_from_frame(i, t); + + document.body.appendChild(i); + }, "<iframe srcdoc>'s inherits policy."); + + async_test(t => { + var i = document.createElement('iframe'); + var b = new Blob( + [` + <img src='{{location[server]}}/images/red-16x16.png' + onload='window.top.postMessage("load", "*");' + onerror='window.top.postMessage("error", "*");' + > + `], {type:"text/html"}); + i.src = URL.createObjectURL(b); + + wait_for_error_from_frame(i, t); + + document.body.appendChild(i); + }, "<iframe src='blob:...'>'s inherits policy."); + + async_test(t => { + var i = document.createElement('iframe'); + i.src = `data:text/html,<img src='{{location[server]}}/images/red-16x16.png' + onload='window.top.postMessage("load", "*");' + onerror='window.top.postMessage("error", "*");' + >`; + + wait_for_error_from_frame(i, t); + + document.body.appendChild(i); + }, "<iframe src='data:...'>'s inherits policy."); + + async_test(t => { + var i = document.createElement('iframe'); + i.src = `javascript:"<img src='{{location[server]}}/images/red-16x16.png' + onload='window.top.postMessage(\\"load\\", \\"*\\");' + onerror='window.top.postMessage(\\"error\\", \\"*\\");' + >"`; + + wait_for_error_from_frame(i, t); + + document.body.appendChild(i); + }, "<iframe src='javascript:...'>'s inherits policy."); + + async_test(t => { + var i = document.createElement('iframe'); + var b = new Blob( + [` + <img src='{{location[server]}}/images/red-16x16.png' + onload='window.top.postMessage("load", "*");' + onerror='window.top.postMessage("error", "*");' + > + `], {type:"text/html"}); + i.src = URL.createObjectURL(b); + i.sandbox = 'allow-scripts'; + + wait_for_error_from_frame(i, t); + + document.body.appendChild(i); + }, "<iframe sandbox src='blob:...'>'s inherits policy. (opaque origin sandbox)"); + +</script> |