summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/common/security-features/scope
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 09:22:09 +0000
commit43a97878ce14b72f0981164f87f2e35e14151312 (patch)
tree620249daf56c0258faa40cbdcf9cfba06de2a846 /testing/web-platform/tests/common/security-features/scope
parentInitial commit. (diff)
downloadfirefox-upstream.tar.xz
firefox-upstream.zip
Adding upstream version 110.0.1.upstream/110.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/common/security-features/scope')
-rw-r--r--testing/web-platform/tests/common/security-features/scope/__init__.py0
-rw-r--r--testing/web-platform/tests/common/security-features/scope/document.py36
-rw-r--r--testing/web-platform/tests/common/security-features/scope/template/document.html.template30
-rw-r--r--testing/web-platform/tests/common/security-features/scope/template/worker.js.template29
-rw-r--r--testing/web-platform/tests/common/security-features/scope/util.py43
-rw-r--r--testing/web-platform/tests/common/security-features/scope/worker.py44
6 files changed, 182 insertions, 0 deletions
diff --git a/testing/web-platform/tests/common/security-features/scope/__init__.py b/testing/web-platform/tests/common/security-features/scope/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/__init__.py
diff --git a/testing/web-platform/tests/common/security-features/scope/document.py b/testing/web-platform/tests/common/security-features/scope/document.py
new file mode 100644
index 0000000000..9a9f045e64
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/document.py
@@ -0,0 +1,36 @@
+import os, sys, json
+
+from wptserve.utils import isomorphic_decode, isomorphic_encode
+
+import importlib
+util = importlib.import_module("common.security-features.scope.util")
+
+def main(request, response):
+ policyDeliveries = json.loads(request.GET.first(b"policyDeliveries", b"[]"))
+ maybe_additional_headers = {}
+ meta = u''
+ error = u''
+ for delivery in policyDeliveries:
+ if delivery[u'deliveryType'] == u'meta':
+ if delivery[u'key'] == u'referrerPolicy':
+ meta += u'<meta name="referrer" content="%s">' % delivery[u'value']
+ else:
+ error = u'invalid delivery key'
+ elif delivery[u'deliveryType'] == u'http-rp':
+ if delivery[u'key'] == u'referrerPolicy':
+ maybe_additional_headers[b'Referrer-Policy'] = isomorphic_encode(delivery[u'value'])
+ else:
+ error = u'invalid delivery key'
+ else:
+ error = u'invalid deliveryType'
+
+ handler = lambda: util.get_template(u"document.html.template") % ({
+ u"meta": meta,
+ u"error": error
+ })
+ util.respond(
+ request,
+ response,
+ payload_generator=handler,
+ content_type=b"text/html",
+ maybe_additional_headers=maybe_additional_headers)
diff --git a/testing/web-platform/tests/common/security-features/scope/template/document.html.template b/testing/web-platform/tests/common/security-features/scope/template/document.html.template
new file mode 100644
index 0000000000..37e29f8e97
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/template/document.html.template
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ %(meta)s
+ <script src="/common/security-features/resources/common.sub.js"></script>
+ <script>
+ // Receive a message from the parent and start the test.
+ function onMessageFromParent(event) {
+ // Because this window might receive messages from child iframe during
+ // tests, we first remove the listener here before staring the test.
+ window.removeEventListener('message', onMessageFromParent);
+
+ const configurationError = "%(error)s";
+ if (configurationError.length > 0) {
+ parent.postMessage({error: configurationError}, "*");
+ return;
+ }
+
+ invokeRequest(event.data.subresource,
+ event.data.sourceContextList)
+ .then(result => parent.postMessage(result, "*"))
+ .catch(e => {
+ const message = (e.error && e.error.stack) || e.message || "Error";
+ parent.postMessage({error: message}, "*");
+ });
+ }
+ window.addEventListener('message', onMessageFromParent);
+ </script>
+ </head>
+</html>
diff --git a/testing/web-platform/tests/common/security-features/scope/template/worker.js.template b/testing/web-platform/tests/common/security-features/scope/template/worker.js.template
new file mode 100644
index 0000000000..7a2a6e05c4
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/template/worker.js.template
@@ -0,0 +1,29 @@
+%(import)s
+
+if ('DedicatedWorkerGlobalScope' in self &&
+ self instanceof DedicatedWorkerGlobalScope) {
+ self.onmessage = event => onMessageFromParent(event, self);
+} else if ('SharedWorkerGlobalScope' in self &&
+ self instanceof SharedWorkerGlobalScope) {
+ onconnect = event => {
+ const port = event.ports[0];
+ port.onmessage = event => onMessageFromParent(event, port);
+ };
+}
+
+// Receive a message from the parent and start the test.
+function onMessageFromParent(event, port) {
+ const configurationError = "%(error)s";
+ if (configurationError.length > 0) {
+ port.postMessage({error: configurationError});
+ return;
+ }
+
+ invokeRequest(event.data.subresource,
+ event.data.sourceContextList)
+ .then(result => port.postMessage(result))
+ .catch(e => {
+ const message = (e.error && e.error.stack) || e.message || "Error";
+ port.postMessage({error: message});
+ });
+}
diff --git a/testing/web-platform/tests/common/security-features/scope/util.py b/testing/web-platform/tests/common/security-features/scope/util.py
new file mode 100644
index 0000000000..da5aacf35e
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/util.py
@@ -0,0 +1,43 @@
+import os
+
+from wptserve.utils import isomorphic_decode
+
+def get_template(template_basename):
+ script_directory = os.path.dirname(os.path.abspath(isomorphic_decode(__file__)))
+ template_directory = os.path.abspath(
+ os.path.join(script_directory, u"template"))
+ template_filename = os.path.join(template_directory, template_basename)
+
+ with open(template_filename, "r") as f:
+ return f.read()
+
+
+def __noop(request, response):
+ return u""
+
+
+def respond(request,
+ response,
+ status_code=200,
+ content_type=b"text/html",
+ payload_generator=__noop,
+ cache_control=b"no-cache; must-revalidate",
+ access_control_allow_origin=b"*",
+ maybe_additional_headers=None):
+ response.add_required_headers = False
+ response.writer.write_status(status_code)
+
+ if access_control_allow_origin != None:
+ response.writer.write_header(b"access-control-allow-origin",
+ access_control_allow_origin)
+ response.writer.write_header(b"content-type", content_type)
+ response.writer.write_header(b"cache-control", cache_control)
+
+ additional_headers = maybe_additional_headers or {}
+ for header, value in additional_headers.items():
+ response.writer.write_header(header, value)
+
+ response.writer.end_headers()
+
+ payload = payload_generator()
+ response.writer.write(payload)
diff --git a/testing/web-platform/tests/common/security-features/scope/worker.py b/testing/web-platform/tests/common/security-features/scope/worker.py
new file mode 100644
index 0000000000..6b321e7de1
--- /dev/null
+++ b/testing/web-platform/tests/common/security-features/scope/worker.py
@@ -0,0 +1,44 @@
+import os, sys, json
+
+from wptserve.utils import isomorphic_decode, isomorphic_encode
+import importlib
+util = importlib.import_module("common.security-features.scope.util")
+
+def main(request, response):
+ policyDeliveries = json.loads(request.GET.first(b'policyDeliveries', b'[]'))
+ worker_type = request.GET.first(b'type', b'classic')
+ commonjs_url = u'%s://%s:%s/common/security-features/resources/common.sub.js' % (
+ request.url_parts.scheme, request.url_parts.hostname,
+ request.url_parts.port)
+ if worker_type == b'classic':
+ import_line = u'importScripts("%s");' % commonjs_url
+ else:
+ import_line = u'import "%s";' % commonjs_url
+
+ maybe_additional_headers = {}
+ error = u''
+ for delivery in policyDeliveries:
+ if delivery[u'deliveryType'] == u'meta':
+ error = u'<meta> cannot be used in WorkerGlobalScope'
+ elif delivery[u'deliveryType'] == u'http-rp':
+ if delivery[u'key'] == u'referrerPolicy':
+ maybe_additional_headers[b'Referrer-Policy'] = isomorphic_encode(delivery[u'value'])
+ elif delivery[u'key'] == u'mixedContent' and delivery[u'value'] == u'opt-in':
+ maybe_additional_headers[b'Content-Security-Policy'] = b'block-all-mixed-content'
+ elif delivery[u'key'] == u'upgradeInsecureRequests' and delivery[u'value'] == u'upgrade':
+ maybe_additional_headers[b'Content-Security-Policy'] = b'upgrade-insecure-requests'
+ else:
+ error = u'invalid delivery key for http-rp: %s' % delivery[u'key']
+ else:
+ error = u'invalid deliveryType: %s' % delivery[u'deliveryType']
+
+ handler = lambda: util.get_template(u'worker.js.template') % ({
+ u'import': import_line,
+ u'error': error
+ })
+ util.respond(
+ request,
+ response,
+ payload_generator=handler,
+ content_type=b'text/javascript',
+ maybe_additional_headers=maybe_additional_headers)