blob: 717af2054bba169c81c8dfb9f1710c0de323f1f9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
<!DOCTYPE HTML>
<html>
<head>
<title> Bug 1505412 CSP-RO reports violations in inline-scripts with nonce</title>
<script src="/tests/SimpleTest/SimpleTest.js" nonce="foobar"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
<body>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1505412">Test for 1505412 </a>
<script class="testbody" type="text/javascript" nonce="foobar">
/* Description of the test:
1: We setup a Proxy that will cause the Test to Fail
if Firefox sends a CSP-Report to /report
2: We Load an iframe with has a Script pointing to
file_bug1505412.sjs
3: The Preloader will fetch the file and Gets redirected
4: If correct, the File should be loaded and no CSP-Report
should be send.
*/
SimpleTest.waitForExplicitFinish();
SimpleTest.requestCompleteLog();
SimpleTest.requestLongerTimeout(2); // Or might fail for Linux-Debug in some cases.
var script;
window.addEventListener("load",()=>{
let t = document.querySelector("#target");
t.src = "file_bug1505412_frame.html";
t.addEventListener("load",async () => {
let reportCount = await fetch("file_bug1505412_reporter.sjs?state").then(r => r.text());
info(reportCount);
ok(reportCount == 0 , "Script Loaded without CSP beeing triggered");
await fetch("file_bug1505412_reporter.sjs?flush");
SimpleTest.finish();
});
})
</script>
<iframe id="target" frameborder="0"></iframe>
</body>
</html>
|
