Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 00:47:55 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 00:47:55 +0000
commit: 26a029d407be480d791972afb5975cf62c9360a6 (patch)
tree: f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/content-security-policy/font-src
parent: Initial commit. (diff)
download: firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz
firefox-26a029d407be480d791972afb5975cf62c9360a6.zip
5 files changed, 115 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/font-src/font-match-allowed.sub.html b/testing/web-platform/tests/content-security-policy/font-src/font-match-allowed.sub.html
new file mode 100644
index 0000000000..54e04d4f7a
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/font-src/font-match-allowed.sub.html
@@ -0,0 +1,23 @@
+<!doctype html>
+<meta charset=utf-8>
+<meta http-equiv="Content-Security-Policy" content="font-src {{domains[www1]}}:{{ports[http][0]}}">
+<head>
+  <title>Test font loads if it matches font-src.</title>
+  <script src='/resources/testharness.js'></script>
+  <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+  <div id="log"></div>
+  <script>
+    async_test(function(t) {
+      document.addEventListener("securitypolicyviolation", t.unreached_func("Loading allowed fonts should not trigger a violation."));
+      var link = document.createElement('link');
+      link.rel="preload";
+      link.as="font";
+      link.href="http://{{domains[www1]}}:{{ports[http][0]}}/fonts/Ahem.ttf?font-match-allowed";
+      link.onload = t.step_func_done();
+      link.onerror = t.unreached_func("Should have loaded the font.");
+      document.getElementsByTagName('head')[0].appendChild(link);
+    }, "Test font loads if it matches font-src.");
+  </script>
+</body>
diff --git a/testing/web-platform/tests/content-security-policy/font-src/font-mismatch-blocked.sub.html b/testing/web-platform/tests/content-security-policy/font-src/font-mismatch-blocked.sub.html
new file mode 100644
index 0000000000..fb491cb58d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/font-src/font-mismatch-blocked.sub.html
@@ -0,0 +1,22 @@
+<!doctype html>
+<meta charset=utf-8>
+<meta http-equiv="Content-Security-Policy" content="font-src {{domains[www1]}}:{{ports[http][0]}}">
+<head>
+  <title>Test font does not load if it does not match font-src.</title>
+  <script src='/resources/testharness.js'></script>
+  <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+  <div id="log"></div>
+  <script>
+    async_test(function(t) {
+      var link = document.createElement('link');
+      link.rel="preload";
+      link.as="font";
+      link.href="http://{{domains[www2]}}:{{ports[http][0]}}/fonts/Ahem.ttf?font-mismatch-blocked";
+      link.onload = t.unreached_func("Should not have loaded the font.");
+      link.onerror = t.step_func_done();
+      document.getElementsByTagName('head')[0].appendChild(link);
+    }, "Test font does not load if it does not match font-src.");
+  </script>
+</body>
diff --git a/testing/web-platform/tests/content-security-policy/font-src/font-none-blocked.sub.html b/testing/web-platform/tests/content-security-policy/font-src/font-none-blocked.sub.html
new file mode 100644
index 0000000000..b8dbb7530a
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/font-src/font-none-blocked.sub.html
@@ -0,0 +1,22 @@
+<!doctype html>
+<meta charset=utf-8>
+<meta http-equiv="Content-Security-Policy" content="font-src 'none'">
+<head>
+  <title>Test font does not load if it does not match font-src.</title>
+  <script src='/resources/testharness.js'></script>
+  <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+  <div id="log"></div>
+  <script>
+    async_test(function(t) {
+      var link = document.createElement('link');
+      link.rel="preload";
+      link.as="font";
+      link.href="http://{{domains[www]}}:{{ports[http][0]}}/fonts/Ahem.ttf?font-none-blocked";
+      link.onload = t.unreached_func("Should not have loaded the font.");
+      link.onerror = t.step_func_done();
+      document.getElementsByTagName('head')[0].appendChild(link);
+    }, "Test font does not load if it does not match font-src.");
+  </script>
+</body>
diff --git a/testing/web-platform/tests/content-security-policy/font-src/font-self-allowed.html b/testing/web-platform/tests/content-security-policy/font-src/font-self-allowed.html
new file mode 100644
index 0000000000..aeca1285e4
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/font-src/font-self-allowed.html
@@ -0,0 +1,23 @@
+<!doctype html>
+<meta charset=utf-8>
+<meta http-equiv="Content-Security-Policy" content="font-src 'self'">
+<head>
+  <title>Test font loads if it matches font-src.</title>
+  <script src='/resources/testharness.js'></script>
+  <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+  <div id="log"></div>
+  <script>
+    async_test(function(t) {
+      document.addEventListener("securitypolicyviolation", t.unreached_func("Loading allowed fonts should not trigger a violation."));
+      var link = document.createElement('link');
+      link.rel="preload";
+      link.as="font";
+      link.href="/fonts/Ahem.ttf?font-self-allowed";
+      link.onload = t.step_func_done();
+      link.onerror = t.unreached_func("Should have loaded the font.");
+      document.getElementsByTagName('head')[0].appendChild(link);
+    }, "Test font loads if it matches font-src.");
+  </script>
+</body>
diff --git a/testing/web-platform/tests/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html b/testing/web-platform/tests/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html
new file mode 100644
index 0000000000..4b34bc5746
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html
@@ -0,0 +1,25 @@
+<!doctype html>
+<meta charset=utf-8>
+<meta http-equiv="Content-Security-Policy" content="font-src 'none'">
+<head>
+  <title>Test font does not load if it does not match font-src.</title>
+  <script src='/resources/testharness.js'></script>
+  <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+  <div id="log"></div>
+  <script>
+    async_test(function(t) {
+      var link = document.createElement('link');
+      link.rel="stylesheet";
+      link.type="text/css";
+      link.href="/content-security-policy/support/fonts.css";
+      // The stylesheet should stil load, even though the font contained does not
+      link.onerror = t.unreached_func("Should have loaded the stylesheet.");
+      document.addEventListener("securitypolicyviolation", t.step_func_done(function(e) {
+        assert_equals(e.violatedDirective, "font-src");
+      }));
+      document.getElementsByTagName('head')[0].appendChild(link);
+    }, "Test font does not load if it does not match font-src.");
+  </script>
+</body>
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 00:47:55 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 00:47:55 +0000
commit	26a029d407be480d791972afb5975cf62c9360a6 (patch)
tree	f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/content-security-policy/font-src
parent	Initial commit. (diff)
download	firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip