From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../tests/fetch/nosniff/resources/css.py           | 23 ++++++++
 .../tests/fetch/nosniff/resources/image.py         | 24 +++++++++
 .../tests/fetch/nosniff/resources/js.py            | 17 ++++++
 .../tests/fetch/nosniff/resources/nosniff.py       | 11 ++++
 .../tests/fetch/nosniff/resources/worker.py        | 16 ++++++
 .../nosniff/resources/x-content-type-options.json  | 62 ++++++++++++++++++++++
 6 files changed, 153 insertions(+)
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/css.py
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/image.py
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/js.py
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/nosniff.py
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/worker.py
 create mode 100644 testing/web-platform/tests/fetch/nosniff/resources/x-content-type-options.json

(limited to 'testing/web-platform/tests/fetch/nosniff/resources')

diff --git a/testing/web-platform/tests/fetch/nosniff/resources/css.py b/testing/web-platform/tests/fetch/nosniff/resources/css.py
new file mode 100644
index 0000000000..8afb56991d
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/css.py
@@ -0,0 +1,23 @@
+def main(request, response):
+    type = request.GET.first(b"type", None)
+    is_revalidation = request.headers.get(b"If-Modified-Since", None)
+
+    content = b"/* nothing to see here */"
+
+    response.add_required_headers = False
+    if is_revalidation is not None:
+        response.writer.write_status(304)
+        response.writer.write_header(b"x-content-type-options", b"nosniff")
+        response.writer.write_header(b"content-length", 0)
+        if(type != None):
+            response.writer.write_header(b"content-type", type)
+        response.writer.end_headers()
+        response.writer.write(b"")
+    else:
+        response.writer.write_status(200)
+        response.writer.write_header(b"x-content-type-options", b"nosniff")
+        response.writer.write_header(b"content-length", len(content))
+        if(type != None):
+            response.writer.write_header(b"content-type", type)
+        response.writer.end_headers()
+        response.writer.write(content)
diff --git a/testing/web-platform/tests/fetch/nosniff/resources/image.py b/testing/web-platform/tests/fetch/nosniff/resources/image.py
new file mode 100644
index 0000000000..9fd367c85c
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/image.py
@@ -0,0 +1,24 @@
+import os.path
+
+from wptserve.utils import isomorphic_decode
+
+def main(request, response):
+    type = request.GET.first(b"type", None)
+
+    if type != None and b"svg" in type:
+        filename = u"green-96x96.svg"
+    else:
+        filename = u"blue96x96.png"
+
+    path = os.path.join(os.path.dirname(isomorphic_decode(__file__)), u"../../../images", filename)
+    body = open(path, u"rb").read()
+
+    response.add_required_headers = False
+    response.writer.write_status(200)
+    response.writer.write_header(b"x-content-type-options", b"nosniff")
+    response.writer.write_header(b"content-length", len(body))
+    if(type != None):
+        response.writer.write_header(b"content-type", type)
+    response.writer.end_headers()
+
+    response.writer.write(body)
diff --git a/testing/web-platform/tests/fetch/nosniff/resources/js.py b/testing/web-platform/tests/fetch/nosniff/resources/js.py
new file mode 100644
index 0000000000..784050a2ca
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/js.py
@@ -0,0 +1,17 @@
+def main(request, response):
+    outcome = request.GET.first(b"outcome", b"f")
+    type = request.GET.first(b"type", b"Content-Type missing")
+
+    content = b"// nothing to see here"
+    content += b"\n"
+    content += b"log('FAIL: " + type + b"')" if (outcome == b"f") else b"p()"
+
+    response.add_required_headers = False
+    response.writer.write_status(200)
+    response.writer.write_header(b"x-content-type-options", b"nosniff")
+    response.writer.write_header(b"content-length", len(content))
+    if(type != b"Content-Type missing"):
+        response.writer.write_header(b"content-type", type)
+    response.writer.end_headers()
+
+    response.writer.write(content)
diff --git a/testing/web-platform/tests/fetch/nosniff/resources/nosniff.py b/testing/web-platform/tests/fetch/nosniff/resources/nosniff.py
new file mode 100644
index 0000000000..159ecfbebd
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/nosniff.py
@@ -0,0 +1,11 @@
+def main(request, response):
+    response.add_required_headers = False
+    output =  b"HTTP/1.1 220 YOU HAVE NO POWER HERE\r\n"
+    output += b"Content-Length: 22\r\n"
+    output += b"Connection: close\r\n"
+    output += b"Content-Type: x/x\r\n"
+    output += request.GET.first(b"nosniff") + b"\r\n"
+    output += b"\r\n"
+    output += b"// nothing to see here"
+    response.writer.write(output)
+    response.close_connection = True
diff --git a/testing/web-platform/tests/fetch/nosniff/resources/worker.py b/testing/web-platform/tests/fetch/nosniff/resources/worker.py
new file mode 100644
index 0000000000..2d7e3f6c90
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/worker.py
@@ -0,0 +1,16 @@
+def main(request, response):
+    type = request.GET.first(b"type", None)
+
+    content = b"// nothing to see here"
+    content += b"\n"
+    content += b"this.postMessage('hi')"
+
+    response.add_required_headers = False
+    response.writer.write_status(200)
+    response.writer.write_header(b"x-content-type-options", b"nosniff")
+    response.writer.write_header(b"content-length", len(content))
+    if(type != None):
+        response.writer.write_header(b"content-type", type)
+    response.writer.end_headers()
+
+    response.writer.write(content)
diff --git a/testing/web-platform/tests/fetch/nosniff/resources/x-content-type-options.json b/testing/web-platform/tests/fetch/nosniff/resources/x-content-type-options.json
new file mode 100644
index 0000000000..080fc1990b
--- /dev/null
+++ b/testing/web-platform/tests/fetch/nosniff/resources/x-content-type-options.json
@@ -0,0 +1,62 @@
+[
+  {
+    "input": "X-Content-Type-Options: NOSNIFF",
+    "nosniff": true
+  },
+  {
+    "input": "x-content-type-OPTIONS: nosniff",
+    "nosniff": true
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff,,@#$#%%&^&^*()()11!",
+    "nosniff": true
+  },
+  {
+    "input": "X-Content-Type-Options: @#$#%%&^&^*()()11!,nosniff",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff\r\nX-Content-Type-Options: no",
+    "nosniff": true
+  },
+  {
+    "input": "X-Content-Type-Options: no\r\nX-Content-Type-Options: nosniff",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options:\r\nX-Content-Type-Options: nosniff",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff\r\nX-Content-Type-Options: nosniff",
+    "nosniff": true
+  },
+  {
+    "input": "X-Content-Type-Options: ,nosniff",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff\u000C",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff\u000B",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: nosniff\u000B,nosniff",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: 'NosniFF'",
+    "nosniff": false
+  },
+  {
+    "input": "X-Content-Type-Options: \"nosniFF\"",
+    "nosniff": false
+  },
+  {
+    "input": "Content-Type-Options: nosniff",
+    "nosniff": false
+  }
+]
-- 
cgit v1.2.3