Adding upstream version 1:115.7.0.upstream/1%115.7.0upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

12 files changed, 153 insertions, 0 deletions

diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html
new file mode 100644
index 0000000000..0d0f46fda4
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-c6TzhBw/snA+hlDMGOuKLWXIkb2sawA/S1wbSe6FeEM=';">
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t1 = async_test("Should convert the script contents to UTF-8 before hashing");
+      window.addEventListener("securitypolicyviolation", t1.unreached_func("Should not have fired a spv"));
+    </script>
+
+    <!-- µ (micro sign) has the value of 0xB5 in latin-1 and of 0xC2B5 in utf-8 but the hash value should be the same as the utf-8 computed one -->
+    <script>
+      // µ - latin micro sign
+      t1.done();
+    </script>
+</body>
+</html>
+
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html.sub.headers
new file mode 100644
index 0000000000..acc92f4e80
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-1.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=iso-8859-1
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html
new file mode 100644
index 0000000000..d4a0de41e2
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t3 = async_test("Should convert the script contents to UTF-8 before hashing");
+      window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
+    </script>
+
+    <!-- « (latin capital letter g with breve) has the value of 0xAB in latin-3 and of 0xC49E in utf-8 but the hash value should be the same as the utf-8 computed one -->
+    <script>
+      // « - latin capital letter g with breve
+      t3.done();
+    </script>
+</body>
+</html>
+
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html.sub.headers
new file mode 100644
index 0000000000..ae3e03dae1
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-3.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=iso-8859-3
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html
new file mode 100644
index 0000000000..62876f1e43
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-ST0rpskqtEC0Q0hqbIAZFeE1KBMJeGZGyYaTcTkieG8=';">
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t2 = async_test("Should convert the script contents to UTF-8 before hashing");
+      window.addEventListener("securitypolicyviolation", t2.unreached_func("Should not have fired a spv"));
+    </script>
+
+    <!-- ì (greek small letter mu) has the value of 0xEC in latin-7 and of 0xCEBC in utf-8 but the hash value should be the same as the utf-8 computed one -->
+    <script>
+      // ì - greek small letter mu
+      t2.done();
+    </script>
+</body>
+</html>
+
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html.sub.headers
new file mode 100644
index 0000000000..9550b0de30
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-7.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=iso-8859-7
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html
new file mode 100644
index 0000000000..8c1db6d203
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t3 = async_test("Should convert the script contents to UTF-8 before hashing");
+      window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
+    </script>
+
+    <!-- Ð (latin capital letter g with breve) has the value of 0xD0 in latin-9 and of 0xC49E in utf-8 but the hash value should be the same as the utf-8 computed one -->
+    <script>
+      // Ð - latin capital letter g with breve
+      t3.done();
+    </script>
+</body>
+</html>
+
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html.sub.headers
new file mode 100644
index 0000000000..6382ff86a7
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/iso-8859-9.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=iso-8859-9
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html
new file mode 100644
index 0000000000..58730a72cc
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html
@@ -0,0 +1,31 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-YJSaNEZFStZqU2Mp2EttwhcP2aT9lnDvexn+BM2HfKo=';">
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t = async_test("Should convert the script contents to UTF-8 before hashing");
+      var count = 0;
+      var script_ran = function() {
+        // if both blocks run the tests is succsssful
+        if (++count == 2) t.done();
+      }
+      window.addEventListener("securitypolicyviolation", t.unreached_func("Should not have fired a spv"));
+
+      // Insert a script element that contains the U+FFFD replacement character
+      var scr1 = document.createElement('script');
+      scr1.text ="//\uFFFD\nscript_ran();";
+      document.body.appendChild(scr1);
+
+      // Insert a script element that contains a surrogate character but it otherwise
+      // entirely identical to the previously inserted one, the surrogate should be
+      // be converted to U+FFFD when converting to UTF-8 so it should have the
+      // same hash as the one inserted before
+      var scr2 = document.createElement('script');
+      scr2.text ="//\uD801\nscript_ran();";
+      document.body.appendChild(scr2);
+    </script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html.sub.headers
new file mode 100644
index 0000000000..2d1c08b9e8
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8-lone-surrogate.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=utf-8
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html
new file mode 100644
index 0000000000..b770cba246
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html
@@ -0,0 +1,36 @@
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc'
+          'sha256-c6TzhBw/snA+hlDMGOuKLWXIkb2sawA/S1wbSe6FeEM='
+          'sha256-ST0rpskqtEC0Q0hqbIAZFeE1KBMJeGZGyYaTcTkieG8='
+          'sha256-hbNM6T3uO5pu4o5YfNnUmwtq5VHHMr7V5ospXtx9bqU=';">
+          <!-- hashes matching the 3 script blocks below -->
+    <script src='/resources/testharness.js'></script>
+    <script src='/resources/testharnessreport.js'></script>
+</head>
+<body>
+    <script nonce="abc">
+      var t1 = async_test("Should convert the script contents to UTF-8 before hashing - latin micro sign");
+      window.addEventListener("securitypolicyviolation", t1.unreached_func("Should not have fired a spv"));
+      var t2 = async_test("Should convert the script contents to UTF-8 before hashing - greek small letter mu");
+      window.addEventListener("securitypolicyviolation", t2.unreached_func("Should not have fired a spv"));
+      var t3 = async_test("Should convert the script contents to UTF-8 before hashing - latin capital letter g with breve");
+      window.addEventListener("securitypolicyviolation", t3.unreached_func("Should not have fired a spv"));
+    </script>
+
+    <!-- the hash values of these script blocks should match the same values
+         of identical script blocks in documents with other encodings -->
+    <script>
+      // µ - latin micro sign
+      t1.done();
+    </script>
+    <script>
+      // μ - greek small letter mu
+      t2.done();
+    </script>
+    <script>
+      // Äž - latin capital letter g with breve
+      t3.done();
+    </script>
+</body>
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.sub.headers b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.sub.headers
new file mode 100644
index 0000000000..2d1c08b9e8
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.sub.headers
@@ -0,0 +1 @@
+Content-Type: text/html; charset=utf-8