From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:14:29 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- .../dangling-markup-mitigation-allowed-apis.html | 26 +++ .../dangling-markup-mitigation-data-url.sub.html | 229 +++++++++++++++++++++ ...g-markup-mitigation-data-url.tentative.sub.html | 229 --------------------- .../dangling-markup-mitigation.html | 147 +++++++++++++ .../dangling-markup-mitigation.https.html | 61 ++++++ .../dangling-markup-mitigation.tentative.html | 147 ------------- .../security/dangling-markup/resources/empty.html | 1 + .../security/dangling-markup/service-worker.js | 35 ++++ 8 files changed, 499 insertions(+), 376 deletions(-) create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html delete mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html delete mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/resources/empty.html create mode 100644 testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js (limited to 'testing/web-platform/tests/fetch/security') diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html new file mode 100644 index 0000000000..66456a8876 --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-allowed-apis.html @@ -0,0 +1,26 @@ + + + + + diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html new file mode 100644 index 0000000000..f27735daa1 --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.sub.html @@ -0,0 +1,229 @@ + + + + + diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html deleted file mode 100644 index f27735daa1..0000000000 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation-data-url.tentative.sub.html +++ /dev/null @@ -1,229 +0,0 @@ - - - - - diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html new file mode 100644 index 0000000000..61a931608b --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.html @@ -0,0 +1,147 @@ + + + + + diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html new file mode 100644 index 0000000000..3f038cbb7b --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.https.html @@ -0,0 +1,61 @@ + + + + + + diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html b/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html deleted file mode 100644 index 61a931608b..0000000000 --- a/testing/web-platform/tests/fetch/security/dangling-markup/dangling-markup-mitigation.tentative.html +++ /dev/null @@ -1,147 +0,0 @@ - - - - - diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/resources/empty.html b/testing/web-platform/tests/fetch/security/dangling-markup/resources/empty.html new file mode 100644 index 0000000000..0e76edd65b --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/resources/empty.html @@ -0,0 +1 @@ + diff --git a/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js b/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js new file mode 100644 index 0000000000..837e216a01 --- /dev/null +++ b/testing/web-platform/tests/fetch/security/dangling-markup/service-worker.js @@ -0,0 +1,35 @@ +const requests = new Set(); + +addEventListener('install', evt => { + evt.waitUntil(self.skipWaiting()); +}); + +addEventListener('activate', evt => { + evt.waitUntil(self.clients.claim()); +}); + +addEventListener('message', evt => { + evt.source.postMessage(requests); +}); + +addEventListener('fetch', evt => { + const url = new URL(evt.request.url); + const path = url.pathname; + const search = url.search || "?"; + if (path.includes('404')) { + const dir = path.split('/'); + const request = dir[dir.length-1] + search; + if (!requests.has(request)) { + requests.add(request); + } + evt.respondWith(new Response("")); + } else if (path.endsWith('resources.html')) { + const html = (new URLSearchParams(search)).get('html'); + evt.respondWith(new Response(html, { + headers: { + "Content-Type": "text/html" + } + })); + } + return; +}); -- cgit v1.2.3