summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html')
-rw-r--r--testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html56
1 files changed, 56 insertions, 0 deletions
diff --git a/testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html b/testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html
new file mode 100644
index 0000000000..df61afa833
--- /dev/null
+++ b/testing/web-platform/tests/reporting/reporting-isolated-across-navigations.https.sub.html
@@ -0,0 +1,56 @@
+<!DOCTYPE html>
+<meta charset="utf-8">
+<title>Bug test page 1</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="resources/report-helper.js"></script>
+<script>
+promise_test(async t => {
+ await new Promise(resolve => {
+ window.addEventListener("message", resolve);
+ });
+ // At this point, the reporting endpoint should have received all three
+ // reports. Ensure that reports from the first page are not batched with
+ // those from the second, or sent to its endpoint.
+ const csp1_uuid = "112868aa-4b59-57c7-a388-db909ef24295";
+ const csp2_uuid = "612bf2ee-b9b8-5f8d-a239-0981c6ff057e";
+ const reports1 = await pollReports('/reporting/resources/report.py', csp1_uuid);
+ const reports2 = await pollReports('/reporting/resources/report.py', csp2_uuid);
+
+ const url_prefix = "https://{{location[host]}}/reporting/resources/";
+
+ // Validate that both received reports were CSP img-src violations from the
+ // same reporting source. Each image should be represented once, although the
+ // order does not matter.
+
+ assert_equals(reports1.length, 2, "First endpoint should receive two reports");
+
+ assert_equals(reports1[0].type, "csp-violation");
+ assert_equals(reports1[0].url, url_prefix + "first-csp-report.https.sub.html");
+ assert_equals(reports1[0].body.disposition, "enforce");
+ assert_equals(reports1[0].body.effectiveDirective, "img-src");
+
+ assert_equals(reports1[1].type, "csp-violation");
+ assert_equals(reports1[1].url, url_prefix + "first-csp-report.https.sub.html");
+ assert_equals(reports1[1].body.disposition, "enforce");
+ assert_equals(reports1[1].body.effectiveDirective, "img-src");
+
+ var image_sources = [reports1[0].body.blockedURL, reports1[1].body.blockedURL].sort();
+ assert_equals(image_sources[0], url_prefix + "missing1.png");
+ assert_equals(image_sources[1], url_prefix + "missing2.png");
+
+ // Validate that the report received from the second endpoint was also a CSP
+ // img-source violation, from a different URL.
+
+ assert_equals(reports2.length, 1, "Second endpoint should reecive one report");
+ assert_equals(reports2[0].type, "csp-violation");
+ assert_equals(reports2[0].url, url_prefix + "second-csp-report.https.sub.html");
+ assert_equals(reports2[0].body.disposition, "enforce");
+ assert_equals(reports2[0].body.effectiveDirective, "img-src");
+ assert_equals(reports2[0].body.blockedURL, url_prefix + "missing3.png");
+}, "Reports should be sent to the correct endpoints");
+</script>
+<body>
+<h1>Bug test main frame</h1>
+<iframe id="frame" src="resources/first-csp-report.https.sub.html"></iframe>
+</body>