Adding upstream version 110.0.1.upstream/110.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 54 insertions, 0 deletions

diff --git a/dom/workers/test/test_csp.js b/dom/workers/test/test_csp.js
new file mode 100644
index 0000000000..7058b6d078
--- /dev/null
+++ b/dom/workers/test/test_csp.js
@@ -0,0 +1,54 @@
+/**
+ * Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/
+ */
+var tests = 3;
+
+SimpleTest.waitForExplicitFinish();
+
+testDone = function(event) {
+  if (!--tests) {
+    SimpleTest.finish();
+  }
+};
+
+// Workers don't inherit CSP
+worker = new Worker("csp_worker.js");
+worker.postMessage({ do: "eval" });
+worker.onmessage = function(event) {
+  is(event.data, 42, "Eval succeeded!");
+  testDone();
+};
+
+// blob: workers *do* inherit CSP
+xhr = new XMLHttpRequest();
+xhr.open("GET", "csp_worker.js");
+xhr.responseType = "blob";
+xhr.send();
+xhr.onload = e => {
+  uri = URL.createObjectURL(e.target.response);
+  worker = new Worker(uri);
+  worker.postMessage({ do: "eval" });
+  worker.onmessage = function(event) {
+    is(event.data, "EvalError: call to eval() blocked by CSP", "Eval threw");
+    testDone();
+  };
+};
+
+xhr = new XMLHttpRequest();
+xhr.open("GET", "csp_worker.js");
+xhr.responseType = "blob";
+xhr.send();
+xhr.onload = e => {
+  uri = URL.createObjectURL(e.target.response);
+  worker = new Worker(uri);
+  worker.postMessage({ do: "nest", uri, level: 3 });
+  worker.onmessage = function(event) {
+    is(
+      event.data,
+      "EvalError: call to eval() blocked by CSP",
+      "Eval threw in nested worker"
+    );
+    testDone();
+  };
+};