mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
128 lines
4.3 KiB
JavaScript
128 lines
4.3 KiB
JavaScript
Components.utils.import('resource://gre/modules/CSPUtils.jsm');
|
|
do_load_httpd_js();
|
|
|
|
var httpserv = null;
|
|
|
|
const POLICY_FROM_URI = "allow 'self'; img-src *";
|
|
const POLICY_PORT = 9000;
|
|
const POLICY_URI = "http://localhost:" + POLICY_PORT + "/policy";
|
|
const POLICY_URI_RELATIVE = "/policy";
|
|
const DOCUMENT_URI = "http://localhost:" + POLICY_PORT + "/document";
|
|
const CSP_DOC_BODY = "CSP doc content";
|
|
const SD = CSPRep.SRC_DIRECTIVES;
|
|
const MAX_TESTS = 2;
|
|
var TESTS_COMPLETED = 0;
|
|
|
|
var cspr, cspr_static;
|
|
|
|
// helper to use .equals on stuff
|
|
function do_check_equivalent(foo, bar, stack) {
|
|
if (!stack)
|
|
stack = Components.stack.caller;
|
|
|
|
var text = foo + ".equals(" + bar + ")";
|
|
|
|
if (foo.equals && foo.equals(bar)) {
|
|
dump("TEST-PASS | " + stack.filename + " | [" + stack.name + " : " +
|
|
stack.lineNumber + "] " + text + "\n");
|
|
return;
|
|
}
|
|
do_throw(text, stack);
|
|
}
|
|
|
|
function listener() {
|
|
this.buffer = "";
|
|
}
|
|
|
|
listener.prototype = {
|
|
onStartRequest: function (request, ctx) {
|
|
},
|
|
|
|
onDataAvailable: function (request, ctx, stream, offset, count) {
|
|
var sInputStream = Cc["@mozilla.org/scriptableinputstream;1"]
|
|
.createInstance(Ci.nsIScriptableInputStream);
|
|
sInputStream.init(stream);
|
|
this.buffer = this.buffer.concat(sInputStream.read(count));
|
|
},
|
|
|
|
onStopRequest: function (request, ctx, status) {
|
|
// make sure that we have the full document content, guaranteeing that
|
|
// the document channel has been resumed, before we do the comparisons
|
|
if (this.buffer == CSP_DOC_BODY) {
|
|
// "policy-uri failed to load"
|
|
do_check_neq(null, cspr);
|
|
|
|
// other directives inherit self
|
|
for (var i in SD) {
|
|
do_check_equivalent(cspr._directives[SD[i]],
|
|
cspr_static._directives[SD[i]]);
|
|
}
|
|
|
|
do_test_finished();
|
|
TESTS_COMPLETED++;
|
|
// final teardown
|
|
if (TESTS_COMPLETED == MAX_TESTS) {
|
|
httpserv.stop(function(){});
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
function run_test() {
|
|
httpserv = new nsHttpServer();
|
|
httpserv.registerPathHandler("/document", csp_doc_response);
|
|
httpserv.registerPathHandler("/policy", csp_policy_response);
|
|
httpserv.start(POLICY_PORT);
|
|
|
|
var tests = [ test_CSPRep_fromPolicyURI, test_CSPRep_fromRelativePolicyURI];
|
|
for (var i = 0 ; i < tests.length ; i++) {
|
|
tests[i]();
|
|
do_test_pending();
|
|
}
|
|
}
|
|
|
|
function makeChan(url) {
|
|
var ios = Cc["@mozilla.org/network/io-service;1"].getService(Ci.nsIIOService);
|
|
var chan = ios.newChannel(url, null, null).QueryInterface(Ci.nsIHttpChannel);
|
|
return chan;
|
|
}
|
|
|
|
function csp_doc_response(metadata, response) {
|
|
response.setStatusLine(metadata.httpVersion, 200, "OK");
|
|
response.setHeader("Content-Type", "text/html", false);
|
|
response.bodyOutputStream.write(CSP_DOC_BODY, CSP_DOC_BODY.length);
|
|
}
|
|
|
|
function csp_policy_response(metadata, response) {
|
|
response.setStatusLine(metadata.httpVersion, 200, "OK");
|
|
response.setHeader("Content-Type", "text/csp", false);
|
|
response.bodyOutputStream.write(POLICY_FROM_URI, POLICY_FROM_URI.length);
|
|
}
|
|
|
|
///////////////////// TEST POLICY_URI //////////////////////
|
|
function test_CSPRep_fromPolicyURI() {
|
|
var csp = Components.classes["@mozilla.org/contentsecuritypolicy;1"]
|
|
.createInstance[Components.interfaces.nsIContentSecurityPolicy];
|
|
// once the policy-uri is returned we will compare our static CSPRep with one
|
|
// we generated from the content we got back from the network to make sure
|
|
// they are equivalent
|
|
cspr_static = CSPRep.fromString(POLICY_FROM_URI, DOCUMENT_URI);
|
|
// simulates the request for the parent document
|
|
var docChan = makeChan(DOCUMENT_URI);
|
|
docChan.asyncOpen(new listener(), null);
|
|
cspr = CSPRep.fromString("policy-uri " + POLICY_URI, DOCUMENT_URI, docChan, csp);
|
|
}
|
|
|
|
function test_CSPRep_fromRelativePolicyURI() {
|
|
var csp = Components.classes["@mozilla.org/contentsecuritypolicy;1"]
|
|
.createInstance[Components.interfaces.nsIContentSecurityPolicy];
|
|
// once the policy-uri is returned we will compare our static CSPRep with one
|
|
// we generated from the content we got back from the network to make sure
|
|
// they are equivalent
|
|
cspr_static = CSPRep.fromString(POLICY_FROM_URI, DOCUMENT_URI);
|
|
// simulates the request for the parent document
|
|
var docChan = makeChan(DOCUMENT_URI);
|
|
docChan.asyncOpen(new listener(), null);
|
|
cspr = CSPRep.fromString("policy-uri " + POLICY_URI_RELATIVE, DOCUMENT_URI, docChan, csp);
|
|
}
|