diff options
Diffstat (limited to '')
2 files changed, 63 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html b/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html new file mode 100644 index 0000000000..296ba58f5e --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html @@ -0,0 +1,57 @@ +<!DOCTYPE html> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<!-- Test the 'script-src' directive on dedicated workers --> +<script nonce="a"> + let reportCookieName = location.pathname.split('/')[ + location.pathname.split('/').length - 1].split('.')[0]; + let reportID = document.cookie.split('; ') + .find(cookie => cookie.startsWith(reportCookieName + '=')) + .split('=')[1].trim(); + + promise_test(async t => { + // Dedicated workers do not inherit CSP in general. + await fetch_tests_from_worker( + new Worker("./support/script-src-allow.sub.js")); + + // Dedicated workers honor CSP received in their response headers. + await fetch_tests_from_worker( + new Worker( + `./support/script-src-self.sub.js?id=${reportID}` + + `&test-name=script-src 'self'` + + `&pipe=sub|header(Content-Security-Policy,` + + `script-src 'self' ; report-uri ` + + `/reporting/resources/report.py?op=put%26reportID=${reportID})`)); + + + let blob = await fetch(`./support/script-src-self.sub.js?id=${reportID}` + + `&test-name=script-src 'self'`) + .then(r => r.blob()); + + // 'blob:' URL workers inherit CSP. + let blob_url = URL.createObjectURL(blob); + await fetch_tests_from_worker(new Worker(blob_url)); + + if (window.webkitRequestFileSystem) { + // 'filesystem:' URL workers inherit CSP. + let fs = await new Promise(resolve => + window.webkitRequestFileSystem(window.TEMPORARY, 1024*1024, resolve)); + + let fs_entry = await new Promise(resolve => + fs.root.getFile('dedicated-script-src.js', + { create: true }, resolve)); + + let writer = await new Promise(resolve => fs_entry.createWriter(resolve)); + + writer.onerror = t.unreached_func("Could not write to filesystem entry"); + + writer.write(blob); + await new Promise(resolve => writer.onwriteend = resolve); + + let fs_url = fs_entry.toURL(); + await fetch_tests_from_worker(new Worker(fs_url)); + + await new Promise(resolve => fs_entry.remove(resolve)); + } + }); +</script> diff --git a/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html.sub.headers b/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html.sub.headers new file mode 100644 index 0000000000..c7768a5af0 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inside-worker/dedicatedworker-script-src.html.sub.headers @@ -0,0 +1,6 @@ +Expires: Mon, 26 Jul 1997 05:00:00 GMT +Cache-Control: no-store, no-cache, must-revalidate +Cache-Control: post-check=0, pre-check=0, false +Pragma: no-cache +Set-Cookie: dedicatedworker-script-src={{$id:uuid()}}; Path=/content-security-policy/inside-worker/ +Content-Security-Policy: script-src 'self' 'nonce-a' blob: filesystem: ; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} |