diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:14:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:14:29 +0000 |
commit | fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 (patch) | |
tree | 4c1ccaf5486d4f2009f9a338a98a83e886e29c97 /devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js | |
parent | Releasing progress-linux version 124.0.1-1~progress7.99u1. (diff) | |
download | firefox-fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8.tar.xz firefox-fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8.zip |
Merging upstream version 125.0.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js')
-rw-r--r-- | devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js | 50 |
1 files changed, 36 insertions, 14 deletions
diff --git a/devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js b/devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js index ebaca341b3..04dcb313fc 100644 --- a/devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js +++ b/devtools/client/webconsole/test/browser/browser_webconsole_csp_violation.js @@ -7,6 +7,10 @@ "use strict"; add_task(async function () { + const bundle = Services.strings.createBundle( + "chrome://global/locale/security/csp.properties" + ); + const TEST_URI = "data:text/html;charset=utf8,<!DOCTYPE html>Web Console CSP violation test"; const hud = await openNewTabAndConsole(TEST_URI); @@ -15,10 +19,14 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation.html"; - const CSP_VIOLATION_MSG = - "Content-Security-Policy: The page\u2019s settings " + - "blocked the loading of a resource at " + - "http://some.example.com/test.png (\u201cimg-src\u201d)."; + const CSP_VIOLATION_MSG = bundle.formatStringFromName( + "CSPGenericViolation", + [ + "img-src https://example.com", + "http://some.example.com/test.png", + "img-src", + ] + ); const onRepeatedMessage = waitForRepeatedMessageByType( hud, CSP_VIOLATION_MSG, @@ -35,9 +43,10 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation-inline.html"; - const CSP_VIOLATION = - `Content-Security-Policy: The page’s settings blocked` + - ` the loading of a resource at inline (“style-src”).`; + const CSP_VIOLATION = bundle.formatStringFromName( + "CSPInlineStyleViolation", + ["style-src 'self'", "style-src-elem"] + ); const VIOLATION_LOCATION_HTML = "test-csp-violation-inline.html:18:1"; const VIOLATION_LOCATION_JS = "test-csp-violation-inline.html:14:25"; await navigateTo(TEST_VIOLATION); @@ -71,7 +80,11 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation-base-uri.html"; - const CSP_VIOLATION = `Content-Security-Policy: The page’s settings blocked the loading of a resource at https://evil.com/ (“base-uri”).`; + const CSP_VIOLATION = bundle.formatStringFromName("CSPGenericViolation", [ + "base-uri 'self'", + "https://evil.com/", + "base-uri", + ]); const VIOLATION_LOCATION = "test-csp-violation-base-uri.html:15:25"; await navigateTo(TEST_VIOLATION); let msg = await waitFor(() => findErrorMessage(hud, CSP_VIOLATION)); @@ -97,7 +110,11 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation-form-action.html"; - const CSP_VIOLATION = `Content-Security-Policy: The page’s settings blocked the loading of a resource at https://evil.com/evil.com (“form-action”).`; + const CSP_VIOLATION = bundle.formatStringFromName("CSPGenericViolation", [ + "form-action 'self'", + "https://evil.com/evil.com", + "form-action", + ]); const VIOLATION_LOCATION = "test-csp-violation-form-action.html:14:40"; await navigateTo(TEST_VIOLATION); @@ -116,9 +133,11 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation-frame-ancestor-parent.html"; - const CSP_VIOLATION = - `Content-Security-Policy: The page’s settings blocked` + - ` the loading of a resource at ${TEST_VIOLATION} (“frame-ancestors”).`; + const CSP_VIOLATION = bundle.formatStringFromName("CSPGenericViolation", [ + "frame-ancestors 'none'", + TEST_VIOLATION, + "frame-ancestors", + ]); await navigateTo(TEST_VIOLATION); const msg = await waitFor(() => findErrorMessage(hud, CSP_VIOLATION)); ok(msg, "Frame-Ancestors violation by html was printed"); @@ -129,8 +148,11 @@ add_task(async function () { const TEST_VIOLATION = "https://example.com/browser/devtools/client/webconsole/" + "test/browser/test-csp-violation-event-handler.html"; - const CSP_VIOLATION = `Content-Security-Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). -Source: document.body.textContent = 'JavaScript …`; + const CSP_VIOLATION = + bundle.formatStringFromName("CSPEventHandlerScriptViolation", [ + "script-src 'self'", + "script-src-attr", + ]) + `\nSource: document.body.textContent = 'JavaScript …`; // Future-Todo: Include line and column number. const VIOLATION_LOCATION = "test-csp-violation-event-handler.html"; await navigateTo(TEST_VIOLATION); |