diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js')
-rw-r--r-- | testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js b/testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js new file mode 100644 index 0000000000..02c8c8cdd4 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/script-src/addInlineTestsWithDOMManipulation.js @@ -0,0 +1,28 @@ +(function () { + var t_spv = async_test("Test that securitypolicyviolation event is fired"); + var test_count = 2; + + window.addEventListener("securitypolicyviolation", t_spv.step_func_done(function(e) { + assert_equals(e.violatedDirective, "script-src-elem"); + if (--test_count <= 0) { + t_spv.done(); + } + })); + + + var dmTest = async_test("DOM manipulation inline tests"); + var attachPoint = document.getElementById('attachHere'); + var inlineScript = document.createElement('script'); + var scriptText = document.createTextNode('dmTest.step(function() {assert_unreached("Unsafe inline script ran - createTextNode.")});'); + + inlineScript.appendChild(scriptText); + attachPoint.appendChild(inlineScript); + + document.getElementById('emptyScript').innerHTML = 'dmTest.step(function() {assert_unreached("Unsafe inline script ran - innerHTML.")});'; + document.getElementById('emptyDiv').outerHTML = '<script id=outerHTMLScript>dmTest.step(function() {assert_unreached("Unsafe inline script ran - outerHTML.")});</script>'; + + document.write('<script>dmTest.step(function() {assert_unreached("Unsafe inline script ran - document.write")});</script>'); + document.writeln('<script>dmTest.step(function() {assert_unreached("Unsafe inline script ran - document.writeln")});</script>'); + + dmTest.done(); +})(); |