summaryrefslogtreecommitdiffstats
path: root/dom/base/test/test_change_policy.html
blob: 536b7ed77644350a06eec17f5f69f432afe55c6a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<!DOCTYPE HTML>
<html>
<head>
  <meta charset="utf-8">
  <title>Test policies for Bug 1101288</title>
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>

<!--
This checks if the right policies are applied from a given string when the policy is changed after the document has been loaded.
https://bugzilla.mozilla.org/show_bug.cgi?id=1101288
-->
<script type="application/javascript">

SimpleTest.waitForExplicitFinish();
var advance = function() { tests.next(); };

/**
 * Listen for notifications from the child.
 * These are sent in case of error, or when the loads we await have completed.
 */
window.addEventListener("message", function(event) {
  if (event.data == "childLoadComplete") {
    // all loads happen, continue the test.
    advance();
  }
});

/**
 * helper to perform an XHR.
 */
function doXHR(aUrl, onSuccess, onFail) {
  var xhr = new XMLHttpRequest();
  xhr.responseType = "json";
  xhr.onload = function () {
    onSuccess(xhr);
  };
  xhr.onerror = function () {
    onFail(xhr);
  };
  xhr.open('GET', aUrl, true);
  xhr.send(null);
}

/**
 * Grabs the results via XHR and passes to checker.
 */
function checkIndividualResults(aTestname, aExpectedReferrer, aName) {
  doXHR('/tests/dom/base/test/referrer_change_server.sjs?action=get-test-results',
        function(xhr) {
          var results = xhr.response;
          info(JSON.stringify(xhr.response));

          for (i in aName) {
            ok(aName[i] in results.tests, aName[i] + " tests have to be performed.");
            is(results.tests[aName[i]].policy, aExpectedReferrer[i], aTestname + ' --- ' + results.tests[aName[i]].policy + ' (' + results.tests[aName[i]].referrer + ')');
          }
          advance();
        },
        function(xhr) {
          ok(false, "Can't get results from the counter server.");
          SimpleTest.finish();
        });
}

function resetState() {
  doXHR('/tests/dom/base/test/referrer_change_server.sjs?action=resetState',
    advance,
    function(xhr) {
      ok(false, "error in reset state");
      SimpleTest.finish();
    });
}


/**
 * This is the main test routine -- serialized by use of a generator.
 * It resets the counter, then performs two tests in sequence using
 * the same iframe.
 */
var tests = (function*() {
  var iframe = document.getElementById("testframe");
  var sjs = "/tests/dom/base/test/referrer_change_server.sjs?action=generate-policy-test";

  yield SpecialPowers.pushPrefEnv(
    { set: [["network.http.referer.disallowCrossSiteRelaxingDefault", false]] },
    advance
  );

  yield resetState();
  var name = "no-referrer-unsafe-url";
  yield iframe.src = sjs + "&policy=" + escape('no-referrer') + "&name=" + name + "&newPolicy=" + escape('unsafe-url');
  yield checkIndividualResults("unsafe-url (changed) with no-referrer first", ["full"], [name+'unsafe-url']);

  yield resetState();
  var name = "origin-no-referrer";
  yield iframe.src = sjs + "&policy=" + escape('origin') + "&name=" + name + "&newPolicy=" + escape('no-referrer');
  yield checkIndividualResults("no-referrer (changed) with origin first", ["none"], [name+'no-referrer']);

  yield resetState();
  var name = "unsafe-url-no-referrer";
  yield iframe.src = sjs + "&policy=" + escape('unsafe-url') + "&name=" + name + "&newPolicy=" + escape('no-referrer');
  yield checkIndividualResults("no-referrer (changed) with unsafe-url first", ["none"], [name+'no-referrer']);

  sjs = "/tests/dom/base/test/referrer_change_server.sjs?action=generate-policy-test2";

  yield resetState();
  var name = "no-referrer-unsafe-url";
  yield iframe.src = sjs + "&policy=" + escape('no-referrer') + "&name=" + name + "&newPolicy=" + escape('unsafe-url');
  yield checkIndividualResults("unsafe-url (changed) with no-referrer first", ["full"], [name+'unsafe-url']);

  yield resetState();
  var name = "origin-no-referrer";
  yield iframe.src = sjs + "&policy=" + escape('origin') + "&name=" + name + "&newPolicy=" + escape('no-referrer');
  yield checkIndividualResults("no-referrer (changed) with origin first", ["none"], [name+'no-referrer']);

  yield resetState();
  var name = "unsafe-url-no-referrer";
  yield iframe.src = sjs + "&policy=" + escape('unsafe-url') + "&name=" + name + "&newPolicy=" + escape('no-referrer');
  yield checkIndividualResults("no-referrer (changed) with unsafe-url first", ["none"], [name+'no-referrer']);

  // complete.
  SimpleTest.finish();
})();

</script>
</head>

<body onload="tests.next();">
  <iframe id="testframe"></iframe>

</body>
</html>