nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1423844 - Enable ESLint for dom/security/test/unit/ r=Standard8,jkt

Browse source 
Enable ESLint for dom/security/test/unit

Differential Revision: https://phabricator.services.mozilla.com/D14617

--HG--
extra : moz-landing-system : lando
This commit is contained in:
championshuttler 2018-12-17 15:47:44 +00:00
parent e3ae63b02e
commit 6e072992a2
4 changed files with 23 additions and 29 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

1
.eslintignore
View file

@ -215,7 +215,6 @@ dom/security/test/csp/**
dom/security/test/general/** dom/security/test/general/**
dom/security/test/mixedcontentblocker/** dom/security/test/mixedcontentblocker/**
dom/security/test/sri/** dom/security/test/sri/**
dom/security/test/unit/**
dom/serviceworkers/** dom/serviceworkers/**
dom/smil/** dom/smil/**
dom/svg/** dom/svg/**

19
dom/security/test/unit/test_csp_reports.js
View file

@ -2,7 +2,7 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this * License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
ChromeUtils.import('resource://gre/modules/NetUtil.jsm'); ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
ChromeUtils.import("resource://gre/modules/Services.jsm"); ChromeUtils.import("resource://gre/modules/Services.jsm");
ChromeUtils.import("resource://testing-common/httpd.js"); ChromeUtils.import("resource://testing-common/httpd.js");
@ -33,7 +33,7 @@ function makeReportHandler(testpath, message, expectedJSON) {
? request.getHeader("Content-Type") : undefined; ? request.getHeader("Content-Type") : undefined;
if (contentType !== "application/csp-report") { if (contentType !== "application/csp-report") {
do_throw("violation report should have the 'application/csp-report' " + do_throw("violation report should have the 'application/csp-report' " +
"content-type, when in fact it is " + contentType.toString()) "content-type, when in fact it is " + contentType.toString());
} }
// obtain violation report // obtain violation report
@ -47,7 +47,7 @@ function makeReportHandler(testpath, message, expectedJSON) {
// dump("EXPECTED: \n" + JSON.stringify(expectedJSON) + "\n\n"); // dump("EXPECTED: \n" + JSON.stringify(expectedJSON) + "\n\n");
for (var i in expectedJSON) for (var i in expectedJSON)
Assert.equal(expectedJSON[i], reportObj['csp-report'][i]); Assert.equal(expectedJSON[i], reportObj["csp-report"][i]);
testsToFinish--; testsToFinish--;
httpServer.registerPathHandler(testpath, null); httpServer.registerPathHandler(testpath, null);
@ -80,9 +80,7 @@ function makeTest(id, expectedJSON, useReportOnlyPolicy, callback) {
dump("Created test " + id + " : " + policy + "\n\n"); dump("Created test " + id + " : " + policy + "\n\n");
let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] principal = Services.scriptSecurityManager.createCodebasePrincipal(selfuri, {});
.getService(Ci.nsIScriptSecurityManager);
principal = ssm.createCodebasePrincipal(selfuri, {});
csp.setRequestContext(null, principal); csp.setRequestContext(null, principal);
// Load up the policy // Load up the policy
@ -93,7 +91,7 @@ function makeTest(id, expectedJSON, useReportOnlyPolicy, callback) {
var handler = makeReportHandler("/test" + id, "Test " + id, expectedJSON); var handler = makeReportHandler("/test" + id, "Test " + id, expectedJSON);
httpServer.registerPathHandler("/test" + id, handler); httpServer.registerPathHandler("/test" + id, handler);
//trigger the violation // trigger the violation
callback(csp); callback(csp);
} }
@ -122,11 +120,11 @@ function run_test() {
// test that eval violations cause a report. // test that eval violations cause a report.
makeTest(1, {"blocked-uri": "eval", makeTest(1, {"blocked-uri": "eval",
// JSON script-sample is UTF8 encoded // JSON script-sample is UTF8 encoded
"script-sample" : "\xc2\xa3\xc2\xa5\xc2\xb5\xe5\x8c\x97\xf0\xa0\x9d\xb9", "script-sample": "\xc2\xa3\xc2\xa5\xc2\xb5\xe5\x8c\x97\xf0\xa0\x9d\xb9",
"line-number": 1, "line-number": 1,
"column-number": 2}, false, "column-number": 2}, false,
function(csp) { function(csp) {
let evalOK = true, oReportViolation = {'value': false}; let evalOK = true, oReportViolation = {"value": false};
evalOK = csp.getAllowsEval(oReportViolation); evalOK = csp.getAllowsEval(oReportViolation);
// this is not a report only policy, so it better block eval // this is not a report only policy, so it better block eval
@ -178,7 +176,7 @@ function run_test() {
// test that eval violations cause a report in report-only policy // test that eval violations cause a report in report-only policy
makeTest(4, {"blocked-uri": "inline"}, true, makeTest(4, {"blocked-uri": "inline"}, true,
function(csp) { function(csp) {
let evalOK = true, oReportViolation = {'value': false}; let evalOK = true, oReportViolation = {"value": false};
evalOK = csp.getAllowsEval(oReportViolation); evalOK = csp.getAllowsEval(oReportViolation);
// this is a report only policy, so it better allow eval // this is a report only policy, so it better allow eval
@ -225,7 +223,6 @@ function run_test() {
var selfSpec = REPORT_SERVER_URI + ":" + REPORT_SERVER_PORT + "/foo/self/foo.js"; var selfSpec = REPORT_SERVER_URI + ":" + REPORT_SERVER_PORT + "/foo/self/foo.js";
makeTest(7, {"blocked-uri": selfSpec}, false, makeTest(7, {"blocked-uri": selfSpec}, false,
function(csp) { function(csp) {
var uri = NetUtil
// shouldLoad creates and sends out the report here. // shouldLoad creates and sends out the report here.
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT, csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
null, // nsICSPEventListener null, // nsICSPEventListener

26
dom/security/test/unit/test_csp_upgrade_insecure_request_header.js
View file

@ -1,14 +1,13 @@
ChromeUtils.import("resource://testing-common/httpd.js"); ChromeUtils.import("resource://testing-common/httpd.js");
ChromeUtils.import("resource://gre/modules/NetUtil.jsm"); ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
ChromeUtils.import("resource://gre/modules/Services.jsm");
var prefs = Cc["@mozilla.org/preferences-service;1"].
getService(Ci.nsIPrefBranch);
// Since this test creates a TYPE_DOCUMENT channel via javascript, it will // Since this test creates a TYPE_DOCUMENT channel via javascript, it will
// end up using the wrong LoadInfo constructor. Setting this pref will disable // end up using the wrong LoadInfo constructor. Setting this pref will disable
// the ContentPolicyType assertion in the constructor. // the ContentPolicyType assertion in the constructor.
prefs.setBoolPref("network.loadinfo.skip_type_assertion", true); Services.prefs.setBoolPref("network.loadinfo.skip_type_assertion", true);
XPCOMUtils.defineLazyGetter(this, "URL", function() { XPCOMUtils.defineLazyGetter(this, "URL", function() {
return "http://localhost:" + httpserver.identity.primaryPort; return "http://localhost:" + httpserver.identity.primaryPort;
@ -23,22 +22,22 @@ var tests = [
{ {
description: "should not set request header for TYPE_OTHER", description: "should not set request header for TYPE_OTHER",
expectingHeader: false, expectingHeader: false,
contentType: Ci.nsIContentPolicy.TYPE_OTHER contentType: Ci.nsIContentPolicy.TYPE_OTHER,
}, },
{ {
description: "should set request header for TYPE_DOCUMENT", description: "should set request header for TYPE_DOCUMENT",
expectingHeader: true, expectingHeader: true,
contentType: Ci.nsIContentPolicy.TYPE_DOCUMENT contentType: Ci.nsIContentPolicy.TYPE_DOCUMENT,
}, },
{ {
description: "should set request header for TYPE_SUBDOCUMENT", description: "should set request header for TYPE_SUBDOCUMENT",
expectingHeader: true, expectingHeader: true,
contentType: Ci.nsIContentPolicy.TYPE_SUBDOCUMENT contentType: Ci.nsIContentPolicy.TYPE_SUBDOCUMENT,
}, },
{ {
description: "should not set request header for TYPE_IMG", description: "should not set request header for TYPE_IMG",
expectingHeader: false, expectingHeader: false,
contentType: Ci.nsIContentPolicy.TYPE_IMG contentType: Ci.nsIContentPolicy.TYPE_IMG,
}, },
]; ];
@ -46,23 +45,22 @@ function ChannelListener() {
} }
ChannelListener.prototype = { ChannelListener.prototype = {
onStartRequest: function(request, context) { }, onStartRequest(request, context) { },
onDataAvailable: function(request, context, stream, offset, count) { onDataAvailable(request, context, stream, offset, count) {
do_throw("Should not get any data!"); do_throw("Should not get any data!");
}, },
onStopRequest: function(request, context, status) { onStopRequest(request, context, status) {
var upgrade_insecure_header = false; var upgrade_insecure_header = false;
try { try {
if (request.getRequestHeader("Upgrade-Insecure-Requests")) { if (request.getRequestHeader("Upgrade-Insecure-Requests")) {
upgrade_insecure_header = true; upgrade_insecure_header = true;
} }
} } catch (e) {
catch (e) {
// exception is thrown if header is not available on the request // exception is thrown if header is not available on the request
} }
// debug // debug
// dump("executing test: " + curTest.description); // dump("executing test: " + curTest.description);
Assert.equal(upgrade_insecure_header, curTest.expectingHeader) Assert.equal(upgrade_insecure_header, curTest.expectingHeader);
run_next_test(); run_next_test();
}, },
}; };
@ -71,7 +69,7 @@ function setupChannel(aContentType) {
var chan = NetUtil.newChannel({ var chan = NetUtil.newChannel({
uri: URL + testpath, uri: URL + testpath,
loadUsingSystemPrincipal: true, loadUsingSystemPrincipal: true,
contentPolicyType: aContentType contentPolicyType: aContentType,
}); });
chan.QueryInterface(Ci.nsIHttpChannel); chan.QueryInterface(Ci.nsIHttpChannel);
chan.requestMethod = "GET"; chan.requestMethod = "GET";

6
dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
View file

@ -8,6 +8,7 @@
ChromeUtils.import("resource://gre/modules/NetUtil.jsm"); ChromeUtils.import("resource://gre/modules/NetUtil.jsm");
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm"); ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
ChromeUtils.import("resource://gre/modules/Services.jsm");
XPCOMUtils.defineLazyServiceGetter(this, "gScriptSecurityManager", XPCOMUtils.defineLazyServiceGetter(this, "gScriptSecurityManager",
"@mozilla.org/scriptsecuritymanager;1", "@mozilla.org/scriptsecuritymanager;1",
@ -17,8 +18,7 @@ XPCOMUtils.defineLazyServiceGetter(this, "gContentSecurityManager",
"@mozilla.org/contentsecuritymanager;1", "@mozilla.org/contentsecuritymanager;1",
"nsIContentSecurityManager"); "nsIContentSecurityManager");
var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch); Services.prefs.setCharPref("dom.securecontext.whitelist", "example.net,example.org");
prefs.setCharPref("dom.securecontext.whitelist", "example.net,example.org");
add_task(async function test_isOriginPotentiallyTrustworthy() { add_task(async function test_isOriginPotentiallyTrustworthy() {
for (let [uriSpec, expectedResult] of [ for (let [uriSpec, expectedResult] of [
@ -43,7 +43,7 @@ add_task(async function test_isOriginPotentiallyTrustworthy() {
} }
// And now let's test whether .onion sites are properly treated when // And now let's test whether .onion sites are properly treated when
// whitelisted, see bug 1382359. // whitelisted, see bug 1382359.
prefs.setBoolPref("dom.securecontext.whitelist_onions", true); Services.prefs.setBoolPref("dom.securecontext.whitelist_onions", true);
let uri = NetUtil.newURI("http://1234567890abcdef.onion/"); let uri = NetUtil.newURI("http://1234567890abcdef.onion/");
let principal = gScriptSecurityManager.createCodebasePrincipal(uri, {}); let principal = gScriptSecurityManager.createCodebasePrincipal(uri, {});
Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal), Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal),