diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /dom/security/test/csp/file_frameancestors.sjs | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/test/csp/file_frameancestors.sjs')
-rw-r--r-- | dom/security/test/csp/file_frameancestors.sjs | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/dom/security/test/csp/file_frameancestors.sjs b/dom/security/test/csp/file_frameancestors.sjs new file mode 100644 index 0000000000..25d4b3fe08 --- /dev/null +++ b/dom/security/test/csp/file_frameancestors.sjs @@ -0,0 +1,69 @@ +// SJS file for CSP frame ancestor mochitests +function handleRequest(request, response) { + var query = {}; + request.queryString.split("&").forEach(function (val) { + var [name, value] = val.split("="); + query[name] = unescape(value); + }); + + var isPreflight = request.method == "OPTIONS"; + + //avoid confusing cache behaviors + response.setHeader("Cache-Control", "no-cache", false); + + // grab the desired policy from the query, and then serve a page + if (query.csp) { + response.setHeader("Content-Security-Policy", unescape(query.csp), false); + } + if (query.scriptedreport) { + // spit back a script that records that the page loaded + response.setHeader("Content-Type", "text/javascript", false); + if (query.double) { + response.write( + 'window.parent.parent.parent.postMessage({call: "frameLoaded", testname: "' + + query.scriptedreport + + '", uri: "window.location.toString()"}, "*");' + ); + } else { + response.write( + 'window.parent.parent.postMessage({call: "frameLoaded", testname: "' + + query.scriptedreport + + '", uri: "window.location.toString()"}, "*");' + ); + } + } else if (query.internalframe) { + // spit back an internal iframe (one that might be blocked) + response.setHeader("Content-Type", "text/html", false); + response.write("<html><head>"); + if (query.double) { + response.write( + '<script src="file_frameancestors.sjs?double=1&scriptedreport=' + + query.testid + + '"></script>' + ); + } else { + response.write( + '<script src="file_frameancestors.sjs?scriptedreport=' + + query.testid + + '"></script>' + ); + } + response.write("</head><body>"); + response.write(unescape(query.internalframe)); + response.write("</body></html>"); + } else if (query.externalframe) { + // spit back an internal iframe (one that won't be blocked, and probably + // has no CSP) + response.setHeader("Content-Type", "text/html", false); + response.write("<html><head>"); + response.write("</head><body>"); + response.write(unescape(query.externalframe)); + response.write("</body></html>"); + } else { + // default case: error. + response.setHeader("Content-Type", "text/html", false); + response.write("<html><body>"); + response.write("ERROR: not sure what to serve."); + response.write("</body></html>"); + } +} |