Title: [246997] releases/WebKitGTK/webkit-2.24/LayoutTests
- Revision
- 246997
- Author
- [email protected]
- Date
- 2019-07-01 04:04:00 -0700 (Mon, 01 Jul 2019)
Log Message
Merge r246287 - [CSP] Blob URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198579
<rdar://problem/51366878>
Reviewed by Brent Fulgham.
Actually add the tests that I inadvertently omitted from r246277.
* http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.
Modified Paths
Added Paths
Diff
Modified: releases/WebKitGTK/webkit-2.24/LayoutTests/ChangeLog (246996 => 246997)
--- releases/WebKitGTK/webkit-2.24/LayoutTests/ChangeLog 2019-07-01 11:03:55 UTC (rev 246996)
+++ releases/WebKitGTK/webkit-2.24/LayoutTests/ChangeLog 2019-07-01 11:04:00 UTC (rev 246997)
@@ -6,6 +6,21 @@
Reviewed by Brent Fulgham.
+ Actually add the tests that I inadvertently omitted from r246277.
+
+ * http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
+ * http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
+ * http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
+ * http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.
+
+2019-06-10 Daniel Bates <[email protected]>
+
+ [CSP] Blob URLs should inherit their CSP policy
+ https://bugs.webkit.org/show_bug.cgi?id=198579
+ <rdar://problem/51366878>
+
+ Reviewed by Brent Fulgham.
+
Add tests to ensure that a self navigation to a Blob or Data URL inherits its CSP policy from
its parent document.
Added: releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt (0 => 246997)
--- releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt 2019-07-01 11:04:00 UTC (rev 246997)
@@ -0,0 +1,2 @@
+CONSOLE MESSAGE: line 1: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy.
+Blob page
Added: releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html (0 => 246997)
--- releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html (rev 0)
+++ releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html 2019-07-01 11:04:00 UTC (rev 246997)
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="script-src 'nonce-test'">
+<script nonce="test">
+if (window.testRunner)
+ testRunner.dumpAsText();
+
+let blob = new Blob(["<script>alert(/FAIL/)<" + "/script>Blob page"], {type : "text/html"});
+if (window.testRunner)
+ testRunner.queueLoad(URL.createObjectURL(blob));
+</script>
+<body>
+<p>Initial page</p>
+</body>
+</head>
+</html>
Added: releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt (0 => 246997)
--- releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt 2019-07-01 11:04:00 UTC (rev 246997)
@@ -0,0 +1,2 @@
+CONSOLE MESSAGE: line 1: Refused to execute a script because its hash, its nonce, or 'unsafe-inline' does not appear in the script-src directive of the Content Security Policy.
+Data URL page
Added: releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html (0 => 246997)
--- releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html (rev 0)
+++ releases/WebKitGTK/webkit-2.24/LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html 2019-07-01 11:04:00 UTC (rev 246997)
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta http-equiv="Content-Security-Policy" content="script-src 'nonce-test'">
+<script nonce="test">
+if (window.testRunner)
+ testRunner.dumpAsText();
+
+if (window.testRunner)
+ testRunner.queueLoad("data:text/html, <script>alert(/FAIL/)<" + "/script>Data URL page");
+</script>
+<body>
+<p>Initial page</p>
+</body>
+</head>
+</html>
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
