forked from mirrors/gecko-dev
Bug 1805676 - Modify csp tests for shared workers; r=asuth
This change updates remaining tests. Differential Revision: https://phabricator.services.mozilla.com/D167666
This commit is contained in:
Yulia Startsev
parent
74322e4e4d
commit
58e564b458
20 changed files with 354 additions and 213 deletions
|
|
@ -1,14 +1,14 @@
|
|||
[shared-worker-import-meta.html]
|
||||
expected:
|
||||
if (os == "android") and fission: [OK, TIMEOUT, ERROR]
|
||||
if release_or_beta: TIMEOUT
|
||||
if release_or_beta: [OK, TIMEOUT, ERROR]
|
||||
[OK, ERROR]
|
||||
[Test import.meta.url on the imported module script.]
|
||||
expected: FAIL
|
||||
|
||||
[Test import.meta.url on the imported module script with a fragment.]
|
||||
expected:
|
||||
if release_or_beta: TIMEOUT
|
||||
if release_or_beta: [TIMEOUT, FAIL]
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Test import.meta.url on the top-level module script.]
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -20,19 +20,3 @@
|
|||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
|
||||
expected: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
||||
[Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
|
|
|
|||
|
|
@ -1,23 +1,9 @@
|
|||
[shared-worker-import-csp.html]
|
||||
[worker-src * directive should allow cross origin static import.]
|
||||
expected:
|
||||
if release_or_beta: FAIL
|
||||
|
||||
[worker-src 'self' directive should override script-src * directive and disallow cross origin static import.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
if os == "linux": [PASS, FAIL]
|
||||
|
||||
[worker-src * directive should override script-src 'self' directive and allow cross origin static import.]
|
||||
expected:
|
||||
if release_or_beta: FAIL
|
||||
disabled:
|
||||
if release_or_beta: https://bugzilla.mozilla.org/show_bug.cgi?id=1812591
|
||||
|
||||
[script-src * directive should allow cross origin dynamic import.]
|
||||
expected: FAIL
|
||||
|
||||
[script-src * directive should allow cross origin static import.]
|
||||
expected:
|
||||
if release_or_beta: FAIL
|
||||
expected: [FAIL, TIMEOUT]
|
||||
|
||||
[script-src 'self' directive should disallow cross origin dynamic import.]
|
||||
expected:
|
||||
|
|
@ -25,14 +11,14 @@
|
|||
if (os == "win") and (processor == "x86") and debug: [PASS, FAIL]
|
||||
|
||||
[worker-src 'self' directive should not take effect on dynamic import.]
|
||||
expected: FAIL
|
||||
expected: [FAIL, TIMEOUT]
|
||||
|
||||
[script-src 'self' directive should disallow cross origin static import.]
|
||||
[worker-src * directive should allow cross origin static import.]
|
||||
expected:
|
||||
if not fission and (os == "linux"): [PASS, FAIL]
|
||||
if not fission and (os == "win") and (processor == "x86"): [PASS, FAIL]
|
||||
if nightly_build: FAIL
|
||||
if os == "linux": [PASS, FAIL]
|
||||
if (os == "win") and (processor == "x86") and debug: [PASS, FAIL]
|
||||
|
||||
[worker-src 'self' directive should disallow cross origin static import.]
|
||||
[script-src * directive should allow cross origin static import.]
|
||||
expected:
|
||||
if nightly_build: FAIL
|
||||
if os == "linux": [PASS, FAIL]
|
||||
if (os == "win") and (processor == "x86") and debug: [PASS, FAIL]
|
||||
|
|
|
|||
|
|
@ -20,7 +20,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -30,7 +36,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -40,7 +52,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -50,7 +68,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -60,7 +84,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -70,7 +100,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -20,7 +20,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -30,7 +36,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -40,7 +52,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -50,7 +68,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -60,7 +84,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -70,7 +100,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -20,7 +20,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -30,7 +36,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -40,7 +52,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -50,7 +68,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -60,7 +84,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -70,7 +100,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -20,7 +20,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -30,7 +36,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -40,7 +52,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -50,7 +68,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -60,7 +84,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -70,7 +100,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "http-rp",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -21,7 +21,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -31,7 +37,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -41,7 +53,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -51,7 +69,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -61,7 +85,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -71,7 +101,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -21,7 +21,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -31,7 +37,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -41,7 +53,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -51,7 +69,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -61,7 +85,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -71,7 +101,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'script-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -21,7 +21,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -31,7 +37,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -41,7 +53,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -51,7 +69,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -61,7 +85,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context."
|
||||
},
|
||||
{
|
||||
|
|
@ -71,7 +101,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "http",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -21,7 +21,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -31,7 +37,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects allowed for sharedworker-import to same-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -41,7 +53,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -51,7 +69,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -61,7 +85,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context."
|
||||
},
|
||||
{
|
||||
|
|
@ -71,7 +101,13 @@
|
|||
"source_context_list": [],
|
||||
"source_scheme": "https",
|
||||
"subresource": "sharedworker-import",
|
||||
"subresource_policy_deliveries": [],
|
||||
"subresource_policy_deliveries": [
|
||||
{
|
||||
"deliveryType": "meta",
|
||||
"key": "contentSecurityPolicy",
|
||||
"value": 'worker-src-self'
|
||||
}
|
||||
],
|
||||
"test_description": "Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context."
|
||||
}
|
||||
],
|
||||
|
|
|
|||
|
|
@ -20,16 +20,11 @@ function import_csp_test(
|
|||
cspHeader, importType, expectedImportedModules, description) {
|
||||
// Append CSP header to windowURL for static import tests since static import
|
||||
// scripts should obey Window's CSP.
|
||||
const windowURL = `resources/new-shared-worker-window.html` +
|
||||
`${importType === 'static'
|
||||
? '?pipe=header(Content-Security-Policy, ' + cspHeader + ')'
|
||||
: ''}`;
|
||||
// Append CSP header to scriptURL for dynamic import tests since dynamic
|
||||
// import scripts should obey SharedWorker script's responce's CSP.
|
||||
const windowURL = "resources/new-shared-worker-window.html"
|
||||
// Append CSP header to scriptURL as scripts should obey SharedWorker
|
||||
// script's responce's CSP.
|
||||
const scriptURL = `${importType}-import-remote-origin-script-worker.sub.js` +
|
||||
`${importType === 'dynamic'
|
||||
? '?pipe=header(Content-Security-Policy, ' + cspHeader + ')'
|
||||
: ''}`;
|
||||
`?pipe=header(Content-Security-Policy, ${cspHeader})`;
|
||||
promise_test(async () => {
|
||||
// Open a window that has the given CSP header.
|
||||
const win = await openWindow(windowURL);
|
||||
|
|
|
|||
|
|
@ -929,8 +929,8 @@ const subresourceMap = {
|
|||
},
|
||||
"sharedworker-import": {
|
||||
path: "/common/security-features/subresource/shared-worker.py",
|
||||
invoker: url =>
|
||||
requestViaSharedWorker(workerUrlThatImports(url), {type: "module"}),
|
||||
invoker: (url, additionalAttributes) =>
|
||||
requestViaSharedWorker(workerUrlThatImports(url, additionalAttributes), {type: "module"}),
|
||||
},
|
||||
"sharedworker-import-data": {
|
||||
path: "/common/security-features/subresource/shared-worker.py",
|
||||
|
|
|
|||
Loading…
Reference in a new issue