File: test_reporting_api_disabled.html

package info (click to toggle)
firefox 147.0.3-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,683,320 kB
  • sloc: cpp: 7,607,359; javascript: 6,533,295; ansic: 3,775,223; python: 1,415,500; xml: 634,561; asm: 438,949; java: 186,241; sh: 62,752; makefile: 18,079; objc: 13,092; perl: 12,808; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10; exp: 6
file content (76 lines) | stat: -rw-r--r-- 2,642 bytes parent folder | download | duplicates (12) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
<!DOCTYPE HTML>
<html>
<head>
  <title>Bug 1922967 - Check `report-uri` is used when Reporting API is enabled regardless the existence of `report-to`</title>
  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
  <script src="/tests/SimpleTest/SimpleTest.js"></script>
  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>

<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
<script class="testbody" type="text/javascript">

SimpleTest.waitForExplicitFinish();

/* Description of the test:
 * This test reuses the setup from test_blocked_uri_in_reports.html.
 * The only differences is we provide `report-to` directive while Reporting API
 * is disabled.
 * We want to test `report-uri` still works if Reporting API is disabled.
 */

const reportURI = "http://mochi.test:8888/foo.sjs";
// Note that both `report-to` and `reprot-uri` are provided.
const policy = "report-to csp-group; script-src http://example.com; report-uri " + reportURI;
const testfile = "tests/dom/security/test/csp/file_path_matching_redirect.html";

var chromeScriptUrl = SimpleTest.getTestFileURL("file_report_chromescript.js");
var script = SpecialPowers.loadChromeScript(chromeScriptUrl);

script.addMessageListener('opening-request-completed', function ml(msg) {
  if (msg.error) {
    ok(false, "Could not query report (exception: " + msg.error + ")");
  } else {
    try {
      var reportObj = JSON.parse(msg.report);
    } catch (e) {
      ok(false, "Could not parse JSON (exception: " + e + ")");
    }
    try {
      var cspReport = reportObj["csp-report"];
      // blocked-uri should only be the asciiHost instead of:
      // http://test1.example.com/tests/dom/security/test/csp/file_path_matching.js
      // eslint-disable-next-line @microsoft/sdl/no-insecure-url
      is(cspReport["blocked-uri"], "http://example.com/tests/dom/security/test/csp/file_path_matching_redirect_server.sjs", "Incorrect blocked-uri");
    } catch (e) {
      ok(false, "Could not query report (exception: " + e + ")");
    }
  }

  script.removeMessageListener('opening-request-completed', ml);
  script.sendAsyncMessage("finish");
  SimpleTest.finish();
});

SimpleTest.waitForExplicitFinish();

function runTest() {
  var src = "file_testserver.sjs";
  // append the file that should be served
  src += "?file=" + escape(testfile);
  // append the CSP that should be used to serve the file
  src += "&csp=" + escape(policy);

  document.getElementById("cspframe").src = src;
}

SpecialPowers.pushPrefEnv({
  set: [
    ["dom.reporting.enabled", false],
  ],
}, runTest);

</script>
</body>
</html>