diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
| commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
| tree | f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/fenced-frame/cspee.https.html | |
| parent | Initial commit. (diff) | |
| download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip | |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/fenced-frame/cspee.https.html')
| -rw-r--r-- | testing/web-platform/tests/fenced-frame/cspee.https.html | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fenced-frame/cspee.https.html b/testing/web-platform/tests/fenced-frame/cspee.https.html new file mode 100644 index 0000000000..70c9744b74 --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/cspee.https.html @@ -0,0 +1,74 @@ +<!DOCTYPE html> +<title>Test fenced frame in CSPEE</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> +<script src="resources/utils.js"></script> + +<body> +<script> +promise_test(async(t) => { + const iframe = attachIFrameContext({ + attributes: [["csp", "frame-src *"]], + headers: [["Allow-CSP-From", "*"]] + }); + t.step_timeout(() => t.done(), 1000); + await iframe.execute(async (t) => { + const fencedframe = attachFencedFrameContext({ + headers: [["Allow-CSP-From", "*"]] + }); + await fencedframe.execute(() => {}); + }); + assert_unreached("fenced frame should not be loaded."); +}, 'fenced frame should not be loaded in CSPEE'); + +promise_test(async(t) => { + const iframe_a = attachIFrameContext({ + attributes: [["csp", "frame-src *"]], + headers: [["Allow-CSP-From", "*"]] + }); + t.step_timeout(() => t.done(), 1000); + await iframe_a.execute(async (t) => { + const iframe_b = attachIFrameContext({headers: [["Allow-CSP-From", "*"]]}); + await iframe_b.execute(async (t) => { + const fencedframe = attachFencedFrameContext({ + headers: [["Allow-CSP-From", "*"]] + }); + await fencedframe.execute(() => {}); + }); + }); + assert_unreached("fenced frame should not be loaded."); +}, 'fenced frame should not be loaded if any ancestor has CSPEE'); + +promise_test(async(t) => { + const iframe = attachIFrameContext({ + attributes: [["csp", "frame-src *"]], + headers: [["Allow-CSP-From", "*"]] + }); + await iframe.execute(async (t) => { + assert_false(navigator.canLoadAdAuctionFencedFrame()); + }); +}, 'canLoadOpaqueURL considers CSPEE headers'); + +promise_test(async(t) => { + const iframe_a = attachIFrameContext({ + attributes: [["csp", "frame-src *"]], + headers: [["Allow-CSP-From", "*"]] + }); + await iframe_a.execute(async (t) => { + const iframe_b = attachIFrameContext({headers: [["Allow-CSP-From", "*"]]}); + await iframe_b.execute(async (t) => { + assert_false(navigator.canLoadAdAuctionFencedFrame()); + }); + }); +}, 'canLoadOpaqueURL considers CSPEE headers up the ancestor chain'); + +promise_test(async(t) => { + const iframe = attachIFrameContext(); + await iframe.execute(async (t) => { + assert_true(navigator.canLoadAdAuctionFencedFrame()); + }); +}, 'canLoadOpaqueURL returns true if no CSPEE headers are present in iframe'); +</script> +</body> |