diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:35:49 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:35:49 +0000 |
| commit | d8bbc7858622b6d9c278469aab701ca0b609cddf (patch) | |
| tree | eff41dc61d9f714852212739e6b3738b82a2af87 /testing/web-platform/tests/fetch/security/dangling-markup | |
| parent | Releasing progress-linux version 125.0.3-1~progress7.99u1. (diff) | |
| download | firefox-d8bbc7858622b6d9c278469aab701ca0b609cddf.tar.xz firefox-d8bbc7858622b6d9c278469aab701ca0b609cddf.zip | |
Merging upstream version 126.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/fetch/security/dangling-markup')
6 files changed, 89 insertions, 29 deletions
diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html deleted file mode 100644 index 66456a8876..0000000000 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html +++ /dev/null @@ -1,26 +0,0 @@ -<!DOCTYPE html> -<script src="/resources/testharness.js"></script> -<script src="/resources/testharnessreport.js"></script> -<body> -<script> - const blank = 'about:blank'; - const dangling_url = 'resources/empty.html?\n<'; - const api_calls = [ - `window.open(\`${dangling_url}\`,'_self')`, - `location.replace(\`${dangling_url}\`)`, - ]; - - api_calls.forEach(call => { - async_test(t => { - const iframe = - document.body.appendChild(document.createElement('iframe')); - t.step(() => { - iframe.contentWindow.eval(call) - t.step_timeout(()=>{ - assert_false(iframe.contentWindow.location.href.endsWith(blank)); - t.done(); - }, 500); - }); - }, `Does not block ${call}`); - }); -</script> diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.tentative.https.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.tentative.https.html new file mode 100644 index 0000000000..428decfc58 --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.tentative.https.html @@ -0,0 +1,80 @@ +<!DOCTYPE html> +<meta name="timeout" content="long"> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<body> +<script> + const blank = 'about:blank'; + const dangling_url = 'resources/empty.html?\n<'; + const navigation_api_calls = [ + `window.open(\`${dangling_url}\`,'_self')`, + `location.replace(\`${dangling_url}\`)`, + ]; + + function get_requests(worker, expected) { + return new Promise(resolve => { + navigator.serviceWorker.addEventListener('message', function onMsg(evt) { + if (evt.data.size >= expected) { + navigator.serviceWorker.removeEventListener('message', onMsg); + resolve(evt.data); + } else { + worker.postMessage(""); + } + }); + worker.postMessage(""); + }); + } + + navigation_api_calls.forEach(call => { + async_test(t => { + const iframe = + document.body.appendChild(document.createElement('iframe')); + t.step(() => { + iframe.contentWindow.eval(call); + t.step_timeout(() => { + assert_false(iframe.contentWindow.location.href.endsWith(blank)); + t.done(); + }, 500); + }); + }, `Does not block ${call}`); + }); + + const dangling_resource = "404?type=text/javascript&\n<" + const api_calls = [ + [`const xhr = new XMLHttpRequest(); + xhr.open("GET", \`${"xhr" + dangling_resource}\`); + xhr.send(null);`, "xhr"], + [`new EventSource(\`${"EventSource" + dangling_resource}\`)`,"EventSource"], + [`fetch(\`${"fetch" + dangling_resource}\`).catch(()=>{})`, "fetch"], + [`new Worker(\`${"Worker" + dangling_resource}\`)`, "Worker"], + [`let text = \`try{importScripts(\\\`${location.href + "/../importScripts" + dangling_resource}\\\`)}catch(e){}\`; + let blob = new Blob([text], {type : 'text/javascript'}); + let url = URL.createObjectURL(blob); + new Worker(url)`, "importScripts"], + + ]; + + navigator.serviceWorker.register('service-worker.js'); + const iframe = document.createElement('iframe'); + iframe.src = "resources/empty.html"; + document.body.appendChild(iframe); + api_calls.forEach(call => { + promise_test(t => { + return new Promise(resolve => { + navigator.serviceWorker.ready.then(t.step_func(registration => { + iframe.contentWindow.eval(call[0]); + get_requests(registration.active, 0).then(t.step_func(requests => { + resolve(assert_true(requests.has(call[1] + dangling_resource))); + })); + })); + }); + }, `Does not block ${call[1]}`); + }); + + async_test(t => { + let url = new URL(location.origin + "/" + dangling_url); + // Newlines are removed by the URL parser. + assert_true(url.href.endsWith(encodeURI(dangling_url.replace("\n","")))); + t.done(); + }, `Does not block new URL()`); +</script> diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html index f27735daa1..f27735daa1 100644 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html index 61a931608b..61a931608b 100644 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.https.html index 3f038cbb7b..3f038cbb7b 100644 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.https.html diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js b/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js index 837e216a01..99d5456a87 100644 --- a/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js +++ b/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js @@ -16,18 +16,24 @@ addEventListener('fetch', evt => { const url = new URL(evt.request.url); const path = url.pathname; const search = url.search || "?"; + const params = new URLSearchParams(search); + const type = params.get('type'); if (path.includes('404')) { const dir = path.split('/'); const request = dir[dir.length-1] + search; if (!requests.has(request)) { requests.add(request); } - evt.respondWith(new Response("")); + evt.respondWith(new Response("", { + headers: { + "Content-Type": type || "text/plain" + } + })); } else if (path.endsWith('resources.html')) { - const html = (new URLSearchParams(search)).get('html'); + const html = params.get('html') || ""; evt.respondWith(new Response(html, { headers: { - "Content-Type": "text/html" + "Content-Type": type || "text/html" } })); } |