diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /dom/security/test/csp/test_bug1505412.html | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/test/csp/test_bug1505412.html')
-rw-r--r-- | dom/security/test/csp/test_bug1505412.html | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/dom/security/test/csp/test_bug1505412.html b/dom/security/test/csp/test_bug1505412.html new file mode 100644 index 0000000000..717af2054b --- /dev/null +++ b/dom/security/test/csp/test_bug1505412.html @@ -0,0 +1,50 @@ +<!DOCTYPE HTML> +<html> + +<head> + <title> Bug 1505412 CSP-RO reports violations in inline-scripts with nonce</title> + <script src="/tests/SimpleTest/SimpleTest.js" nonce="foobar"></script> + <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" /> + + +<body> + <p id="display"></p> + <div id="content" style="display: none"> + </div> + + <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1505412">Test for 1505412 </a> + <script class="testbody" type="text/javascript" nonce="foobar"> + /* Description of the test: + 1: We setup a Proxy that will cause the Test to Fail + if Firefox sends a CSP-Report to /report + 2: We Load an iframe with has a Script pointing to + file_bug1505412.sjs + 3: The Preloader will fetch the file and Gets redirected + 4: If correct, the File should be loaded and no CSP-Report + should be send. + */ + + + + SimpleTest.waitForExplicitFinish(); + SimpleTest.requestCompleteLog(); + SimpleTest.requestLongerTimeout(2); // Or might fail for Linux-Debug in some cases. + var script; + + window.addEventListener("load",()=>{ + let t = document.querySelector("#target"); + t.src = "file_bug1505412_frame.html"; + t.addEventListener("load",async () => { + let reportCount = await fetch("file_bug1505412_reporter.sjs?state").then(r => r.text()); + info(reportCount); + ok(reportCount == 0 , "Script Loaded without CSP beeing triggered"); + await fetch("file_bug1505412_reporter.sjs?flush"); + SimpleTest.finish(); + }); + }) + + </script> + <iframe id="target" frameborder="0"></iframe> +</body> + +</html>
\ No newline at end of file |