From b6efcb3d211665bd52f70d35bfcacf1615bb4a5f Mon Sep 17 00:00:00 2001 From: Christoph Kerschbaumer Date: Mon, 12 Aug 2013 14:54:12 -0700 Subject: [PATCH] Bug 663567 - Mochitest verifying that content added by XSLT stylesheet is subject to document's CSP. r=grobinson, r=sstamm --- content/base/test/Makefile.in | 6 ++ .../base/test/file_CSP_bug663567_allows.xml | 28 ++++++ .../file_CSP_bug663567_allows.xml^headers^ | 1 + .../base/test/file_CSP_bug663567_allows.xsl | 27 +++++ .../base/test/file_CSP_bug663567_blocks.xml | 28 ++++++ .../file_CSP_bug663567_blocks.xml^headers^ | 1 + content/base/test/test_CSP_bug663567.html | 99 +++++++++++++++++++ 7 files changed, 190 insertions(+) create mode 100644 content/base/test/file_CSP_bug663567_allows.xml create mode 100644 content/base/test/file_CSP_bug663567_allows.xml^headers^ create mode 100644 content/base/test/file_CSP_bug663567_allows.xsl create mode 100644 content/base/test/file_CSP_bug663567_blocks.xml create mode 100644 content/base/test/file_CSP_bug663567_blocks.xml^headers^ create mode 100644 content/base/test/test_CSP_bug663567.html diff --git a/content/base/test/Makefile.in b/content/base/test/Makefile.in index 94d6065297f..ec10f0c7dab 100644 --- a/content/base/test/Makefile.in +++ b/content/base/test/Makefile.in @@ -651,6 +651,12 @@ MOCHITEST_FILES_C= \ test_CSP_bug888172.html \ file_CSP_bug888172.html \ file_CSP_bug888172.sjs \ + test_CSP_bug663567.html \ + file_CSP_bug663567_allows.xml \ + file_CSP_bug663567_allows.xml^headers^ \ + file_CSP_bug663567_allows.xsl \ + file_CSP_bug663567_blocks.xml \ + file_CSP_bug663567_blocks.xml^headers^ \ $(NULL) # OOP tests don't work on Windows (bug 763081) or native-fennec diff --git a/content/base/test/file_CSP_bug663567_allows.xml b/content/base/test/file_CSP_bug663567_allows.xml new file mode 100644 index 00000000000..954cab9d416 --- /dev/null +++ b/content/base/test/file_CSP_bug663567_allows.xml @@ -0,0 +1,28 @@ + + + + + Empire Burlesque + Bob Dylan + USA + Columbia + 10.90 + 1985 + + + Hide your heart + Bonnie Tyler + UK + CBS Records + 9.90 + 1988 + + + Greatest Hits + Dolly Parton + USA + RCA + 9.90 + 1982 + + diff --git a/content/base/test/file_CSP_bug663567_allows.xml^headers^ b/content/base/test/file_CSP_bug663567_allows.xml^headers^ new file mode 100644 index 00000000000..4c6fa3c26a7 --- /dev/null +++ b/content/base/test/file_CSP_bug663567_allows.xml^headers^ @@ -0,0 +1 @@ +Content-Security-Policy: default-src 'self' diff --git a/content/base/test/file_CSP_bug663567_allows.xsl b/content/base/test/file_CSP_bug663567_allows.xsl new file mode 100644 index 00000000000..b12b0d3b1d8 --- /dev/null +++ b/content/base/test/file_CSP_bug663567_allows.xsl @@ -0,0 +1,27 @@ + + + + + + + +

this xml file should be formatted using an xsl file(lower iframe should contain xml dump)!

+ + + + + + + + + + + + + +
TitleArtistPrice
+ + + + + diff --git a/content/base/test/file_CSP_bug663567_blocks.xml b/content/base/test/file_CSP_bug663567_blocks.xml new file mode 100644 index 00000000000..aa48e84e657 --- /dev/null +++ b/content/base/test/file_CSP_bug663567_blocks.xml @@ -0,0 +1,28 @@ + + + + + Empire Burlesque + Bob Dylan + USA + Columbia + 10.90 + 1985 + + + Hide your heart + Bonnie Tyler + UK + CBS Records + 9.90 + 1988 + + + Greatest Hits + Dolly Parton + USA + RCA + 9.90 + 1982 + + diff --git a/content/base/test/file_CSP_bug663567_blocks.xml^headers^ b/content/base/test/file_CSP_bug663567_blocks.xml^headers^ new file mode 100644 index 00000000000..4c6fa3c26a7 --- /dev/null +++ b/content/base/test/file_CSP_bug663567_blocks.xml^headers^ @@ -0,0 +1 @@ +Content-Security-Policy: default-src 'self' diff --git a/content/base/test/test_CSP_bug663567.html b/content/base/test/test_CSP_bug663567.html new file mode 100644 index 00000000000..5822b871a0d --- /dev/null +++ b/content/base/test/test_CSP_bug663567.html @@ -0,0 +1,99 @@ + + + + Test if XSLT stylesheet is subject to document's CSP + + + + +

+ + + + + + + +