From 8dd16259287f58f9273002717ec4d27e97127719 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 12 Jun 2024 07:43:14 +0200 Subject: Merging upstream version 127.0. Signed-off-by: Daniel Baumann --- dom/security/test/gtest/TestCSPParser.cpp | 17 +++++++++++++++++ dom/security/test/https-first/browser_httpsfirst.js | 9 ++++----- 2 files changed, 21 insertions(+), 5 deletions(-) (limited to 'dom/security/test') diff --git a/dom/security/test/gtest/TestCSPParser.cpp b/dom/security/test/gtest/TestCSPParser.cpp index 19ba0548de..388055f388 100644 --- a/dom/security/test/gtest/TestCSPParser.cpp +++ b/dom/security/test/gtest/TestCSPParser.cpp @@ -152,9 +152,14 @@ nsresult runTestSuite(const PolicyTest* aPolicies, uint32_t aPolicyCount, // Add prefs you need to set to parse CSP here, see comments for example // bool examplePref = false; + bool trustedTypesEnabled = false; + constexpr auto kTrustedTypesEnabledPrefName = + "dom.security.trusted_types.enabled"; if (prefs) { // prefs->GetBoolPref("security.csp.examplePref", &examplePref); // prefs->SetBoolPref("security.csp.examplePref", true); + prefs->GetBoolPref(kTrustedTypesEnabledPrefName, &trustedTypesEnabled); + prefs->SetBoolPref(kTrustedTypesEnabledPrefName, true); } for (uint32_t i = 0; i < aPolicyCount; i++) { @@ -165,6 +170,7 @@ nsresult runTestSuite(const PolicyTest* aPolicies, uint32_t aPolicyCount, if (prefs) { // prefs->SetBoolPref("security.csp.examplePref", examplePref); + prefs->SetBoolPref(kTrustedTypesEnabledPrefName, trustedTypesEnabled); } return NS_OK; @@ -220,6 +226,11 @@ TEST(CSPParser, Directives) "worker-src http://worker.com; frame-src http://frame.com; child-src http://child.com" }, { "script-src 'unsafe-allow-redirects' http://example.com", "script-src http://example.com"}, + { "require-trusted-types-for 'script'", + "require-trusted-types-for 'script'" }, + { "trusted-types somePolicyName", "trusted-types somePolicyName" }, + { "trusted-types somePolicyName anotherPolicyName 1 - # = _ / @ . % *", + "trusted-types somePolicyName anotherPolicyName 1 - # = _ / @ . % *" }, // clang-format on }; @@ -247,6 +258,11 @@ TEST(CSPParser, Keywords) "script-src 'wasm-unsafe-eval'" }, { "img-src 'none'; script-src 'unsafe-eval' 'unsafe-inline'; default-src 'self'", "img-src 'none'; script-src 'unsafe-eval' 'unsafe-inline'; default-src 'self'" }, + { "trusted-types somePolicyName 'allow-duplicates'", + "trusted-types somePolicyName 'allow-duplicates'" }, + { "trusted-types 'none'", "trusted-types 'none'" }, + { "trusted-types", "trusted-types 'none'" }, + { "trusted-types *", "trusted-types *" }, // clang-format on }; @@ -589,6 +605,7 @@ TEST(CSPParser, BadPolicies) { "report-uri http://:foo", ""}, { "require-sri-for", ""}, { "require-sri-for style", ""}, + { "trusted-types $", ""}, // clang-format on }; diff --git a/dom/security/test/https-first/browser_httpsfirst.js b/dom/security/test/https-first/browser_httpsfirst.js index c4437f6051..e0bba26f73 100644 --- a/dom/security/test/https-first/browser_httpsfirst.js +++ b/dom/security/test/https-first/browser_httpsfirst.js @@ -99,11 +99,10 @@ add_task(async function () { is(Glean.httpsfirst.downgradedOnTimerSchemeless.testGetValue(), null); const downgradeSeconds = Glean.httpsfirst.downgradeTime.testGetValue().sum / 1_000_000_000; - ok( - downgradeSeconds > 2 && downgradeSeconds < 30, - `Summed downgrade time should be above 2 and below 30 seconds (is ${downgradeSeconds.toFixed( - 2 - )}s)` + Assert.less( + downgradeSeconds, + 10, + "Summed downgrade time should be below 10 seconds" ); is(null, Glean.httpsfirst.downgradeTimeSchemeless.testGetValue()); }); -- cgit v1.2.3