nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/dom/security/test/csp/test_upgrade_insecure_docwrite_iframe.html
Brian Grinstead 0d460e3432 Bug 1544322 - Part 2.2 - Remove the [type] attribute for one-liner <script> tags loading files in /tests/SimpleTest/ in dom/ r=bzbarsky 
This is split from the previous changeset since if we include dom/ the file size is too
large for phabricator to handle.

This is an autogenerated commit to handle scripts loading mochitest harness files, in
the simple case where the script src is on the same line as the tag.

This was generated with https://bug1544322.bmoattachments.org/attachment.cgi?id=9058170
using the `--part 2` argument.

Differential Revision: https://phabricator.services.mozilla.com/D27457

--HG--
extra : moz-landing-system : lando
2019-04-16 03:53:28 +00:00

54 lines
1.9 KiB
HTML
Raw Blame History

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Bug 1273430 - Test CSP upgrade-insecure-requests for doc.write(iframe)</title>
<!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<iframe style="width:100%;" id="testframe"></iframe>
<script class="testbody" type="text/javascript">
/* Description of the test:
* Load an iframe which ships with a CSP of upgrade-insecure-requests.
* Within that iframe a script performs doc.write(iframe) using an
* *http* URL. Make sure, the URL is upgraded to *https*.
*
* +-----------------------------------------+
* | |
* | http(s); csp: upgrade-insecure-requests | |
* | +---------------------------------+ |
* | | | |
* | | doc.write(<iframe src='http'>); | <--------- upgrade to https
* | | | |
* | +---------------------------------+ |
* | |
* +-----------------------------------------+
*
*/
const TEST_FRAME_URL =
"https://example.com/tests/dom/security/test/csp/file_upgrade_insecure_docwrite_iframe.sjs?testframe";
// important: the RESULT should have a scheme of *https*
const RESULT =
"https://example.com/tests/dom/security/test/csp/file_upgrade_insecure_docwrite_iframe.sjs?docwriteframe";
window.addEventListener("message", receiveMessage);
function receiveMessage(event) {
is(event.data.result, RESULT, "doc.write(iframe) of http should be upgraded to https!");
window.removeEventListener("message", receiveMessage);
SimpleTest.finish();
}
// start the test
SimpleTest.waitForExplicitFinish();
var testframe = document.getElementById("testframe");
testframe.src = TEST_FRAME_URL;
</script>
</body>
</html>
View git blame Copy permalink