<!DOCTYPE html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<meta http-equiv="Content-Security-Policy" content="img-src 'none'">
<body>
<script>
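/**
 * Waits for a `message` event sent by one specific window.
 *
 * Events whose `source` is not `w` are ignored, so a report posted by a
 * different frame cannot satisfy the wait.
 *
 * @param {Window} w - Window whose message is awaited.
 * @param {string} [starts_with] - When given, only string payloads that
 *     begin with this prefix are accepted.
 * @returns {Promise<*>} Resolves with the `data` of the first matching event.
 */
const message_from = (w, starts_with) => {
  return new Promise(resolve => {
    const on_message = msg => {
      if (msg.source !== w) {
        return;
      }
      // Only string payloads can match a prefix; skipping the others avoids a
      // TypeError from calling startsWith() on structured data.
      const prefix_ok = !starts_with ||
          (typeof msg.data === 'string' && msg.data.startsWith(starts_with));
      if (!prefix_ok) {
        return;
      }
      // Detach once satisfied so listeners do not pile up across the
      // successive waits made by each test.
      window.removeEventListener('message', on_message);
      resolve(msg.data);
    };
    window.addEventListener('message', on_message);
  });
};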
// Image the payload tries to load, addressed on this page's own origin.
// NOTE(review): onerror fires for any load failure, not only a CSP block, so
// the "img blocked" signal is only meaningful if this support image would
// load without the policy — confirm the file exists.
const img_url = `${window.origin}/content-security-policy/support/fail.png`;

// <img> markup that reports its outcome to the top-level test page. The
// wildcard target origin is acceptable here because the payload is a fixed
// status string, not data derived from the document.
const img_tag_string = `
<img src="${img_url}"
onload="top.postMessage('img loaded', '*');"
onerror="top.postMessage('img blocked', '*');"
>
`;

// Complete HTML document wrapping the probe image; used both as the blob
// body and as the srcdoc content.
const html_test_payload = `
<!doctype html>
<div>${img_tag_string}</div>
`;

// blob: URL serving the payload as text/html.
const blob_url = URL.createObjectURL(
    new Blob([html_test_payload], { type: 'text/html' }),
);
/**
 * Injects the probe image into an iframe's current document.
 *
 * The markup assigned through innerHTML is the fixed `img_tag_string`
 * defined by this test, not external input.
 *
 * @param {HTMLIFrameElement} iframe - Frame whose document receives the image.
 */
const write_img_to_iframe = (iframe) => {
  const doc = iframe.contentDocument;
  const wrapper = doc.createElement('div');
  wrapper.innerHTML = img_tag_string;
  doc.body.appendChild(wrapper);
};
// Test location.reload() for "about:blank".
// The page declares `img-src 'none'`; the empty frame is expected to carry
// that policy both before and after it is reloaded.
promise_test(async t => {
  // Create an empty iframe.
  window.iframe = document.createElement('iframe');
  document.body.appendChild(iframe);

  // Start listening before injecting the image so its report is not missed.
  const first_report = message_from(iframe.contentWindow);
  write_img_to_iframe(iframe);

  // Check that the empty document inherits CSP from the initiator.
  assert_equals(await first_report, "img blocked",
      "Image should be blocked by CSP inherited from the parent.");

  // Now perform a reload; the load promise is armed before reload() is called.
  const report_after_reload = message_from(iframe.contentWindow);
  const reloaded = new Promise(resolve => {
    iframe.onload = resolve;
  });
  iframe.contentWindow.location.reload();
  await reloaded;

  // Inject the image again into the reloaded document.
  write_img_to_iframe(iframe);

  // Check that the empty document still has the right CSP after reload.
  assert_equals(await report_after_reload, "img blocked",
      "Image should be blocked by CSP after reload.");
}, "location.reload() of empty iframe.");
// Test location.reload() for a blob URL.
// The blob document contains the probe image itself, so each load of it
// reports on its own without any injection from the parent.
promise_test(async t => {
  // Create an iframe.
  window.iframe = document.createElement('iframe');
  document.body.appendChild(iframe);

  // Navigate to the blob URL, listening for the report first.
  const first_report = message_from(iframe.contentWindow);
  iframe.contentWindow.location = blob_url;

  // Check that the blob URL inherits CSP from the initiator.
  assert_equals(await first_report, "img blocked",
      "Image should be blocked by CSP inherited from navigation initiator.");

  // Now perform a reload; the load promise is armed before reload() is called.
  const report_after_reload = message_from(iframe.contentWindow);
  const reloaded = new Promise(resolve => {
    iframe.onload = resolve;
  });
  iframe.contentWindow.location.reload();
  await reloaded;

  // Check that the blob URL document still has the right CSP after reload.
  assert_equals(await report_after_reload, "img blocked",
      "Image should be blocked by CSP after reload.");
}, "location.reload() of blob URL iframe.");
// Test location.reload() for a srcdoc iframe.
// The srcdoc content is the same payload document, so the probe image
// reports on every load of the frame.
promise_test(async t => {
  // Create a srcdoc iframe.
  window.iframe = document.createElement('iframe');
  document.body.appendChild(iframe);

  // Listen for the report, then supply the srcdoc content.
  const first_report = message_from(iframe.contentWindow);
  iframe.srcdoc = html_test_payload;

  // Check that the srcdoc iframe inherits from the parent.
  assert_equals(await first_report, "img blocked",
      "Image should be blocked by CSP inherited from navigation initiator.");

  // Now perform a reload; the load promise is armed before reload() is called.
  const report_after_reload = message_from(iframe.contentWindow);
  const reloaded = new Promise(resolve => {
    iframe.onload = resolve;
  });
  iframe.contentWindow.location.reload();
  await reloaded;

  // Check that the srcdoc iframe still has the right CSP after reload.
  assert_equals(await report_after_reload, "img blocked",
      "Image should be blocked by CSP after reload.");
}, "location.reload() of srcdoc iframe.");
</script>
</body>