- Revision
- 196878
- Author
- [email protected]
- Date
- 2016-02-21 13:37:42 -0800 (Sun, 21 Feb 2016)
Log Message
Attempt to fix the Content Extension test failures following <https://trac.webkit.org/changeset/196875>
(https://bugs.webkit.org/show_bug.cgi?id=154307)
Convert Content Extension tests that use the Content Security Policy directive report-uri from HTML files
to PHP scripts and modified them to define the content security policy for the page via the Content-Security-Policy
HTTP header instead of via a meta element so that the report-uri directive is honored. Following
<https://trac.webkit.org/changeset/196875> the directive report-uri is only honored when contained in a
policy that is delivered via an HTTP header. That is, it is no longer honored when delivered in a meta element.
* http/tests/contentextensions/block-cookies-in-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html.
* http/tests/contentextensions/block-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/block-csp-report.html.
* http/tests/contentextensions/hide-on-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/hide-on-csp-report.html.
Modified Paths
Added Paths
Removed Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (196877 => 196878)
--- trunk/LayoutTests/ChangeLog 2016-02-21 19:51:43 UTC (rev 196877)
+++ trunk/LayoutTests/ChangeLog 2016-02-21 21:37:42 UTC (rev 196878)
@@ -1,5 +1,20 @@
2016-02-21 Daniel Bates <[email protected]>
+ Attempt to fix the Content Extension test failures following <https://trac.webkit.org/changeset/196875>
+ (https://bugs.webkit.org/show_bug.cgi?id=154307)
+
+ Convert Content Extension tests that use the Content Security Policy directive report-uri from HTML files
+ to PHP scripts and modified them to define the content security policy for the page via the Content-Security-Policy
+ HTTP header instead of via a meta element so that the report-uri directive is honored. Following
+ <https://trac.webkit.org/changeset/196875> the directive report-uri is only honored when contained in a
+ policy that is delivered via an HTTP header. That is, it is no longer honored when delivered in a meta element.
+
+ * http/tests/contentextensions/block-cookies-in-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html.
+ * http/tests/contentextensions/block-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/block-csp-report.html.
+ * http/tests/contentextensions/hide-on-csp-report.php: Renamed from LayoutTests/http/tests/contentextensions/hide-on-csp-report.html.
+
+2016-02-21 Daniel Bates <[email protected]>
+
CSP: Violation report should include column number
https://bugs.webkit.org/show_bug.cgi?id=154418
<rdar://problem/24729525>
Deleted: trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html (196877 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html 2016-02-21 19:51:43 UTC (rev 196877)
+++ trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html 2016-02-21 21:37:42 UTC (rev 196878)
@@ -1,40 +0,0 @@
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src 'self'; report-uri /contentextensions/resources/save-ping.php?test=contentextensions-block-cookies-in-csp-report">
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.dumpChildFramesAsText();
- testRunner.waitUntilDone();
-}
-
-function deletePing() {
- var deletePingContainer = document.getElementById("delete_ping_container");
- deletePingContainer.innerHTML = '<img src="" _onerror_="loadCrossDomainImage();">';
-}
-
-function loadCrossDomainImage() {
- // Trying to load an image from a different port
- // will result in a CSP violation.
- var img = new Image(1, 1);
- img.src = ""
- showPingResult();
-}
-
-function showPingResult() {
- var iframe = document.getElementById("result_frame");
- iframe._onload_ = function() {
- if (window.testRunner) { testRunner.notifyDone(); }
- }
- iframe.src = ""
-}
-</script>
-</head>
-
-<body>
-This test creates a CSP violation report, but the report URL matches a 'block-cookie' rule.
-<img src=""
- _onerror_="deletePing();">
-<div id="delete_ping_container"></div>
-<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
-</body>
-
Copied: trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.php (from rev 196877, trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.html) (0 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.php (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/block-cookies-in-csp-report.php 2016-02-21 21:37:42 UTC (rev 196878)
@@ -0,0 +1,42 @@
+<?php
+ header("Content-Security-Policy: img-src 'self'; report-uri /contentextensions/resources/save-ping.php?test=contentextensions-block-cookies-in-csp-report");
+?>
+<head>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+ testRunner.waitUntilDone();
+}
+
+function deletePing() {
+ var deletePingContainer = document.getElementById("delete_ping_container");
+ deletePingContainer.innerHTML = '<img src="" _onerror_="loadCrossDomainImage();">';
+}
+
+function loadCrossDomainImage() {
+ // Trying to load an image from a different port
+ // will result in a CSP violation.
+ var img = new Image(1, 1);
+ img.src = ""
+ showPingResult();
+}
+
+function showPingResult() {
+ var iframe = document.getElementById("result_frame");
+ iframe._onload_ = function() {
+ if (window.testRunner) { testRunner.notifyDone(); }
+ }
+ iframe.src = ""
+}
+</script>
+</head>
+
+<body>
+This test creates a CSP violation report, but the report URL matches a 'block-cookie' rule.
+<img src=""
+ _onerror_="deletePing();">
+<div id="delete_ping_container"></div>
+<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
+</body>
+
Deleted: trunk/LayoutTests/http/tests/contentextensions/block-csp-report.html (196877 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/block-csp-report.html 2016-02-21 19:51:43 UTC (rev 196877)
+++ trunk/LayoutTests/http/tests/contentextensions/block-csp-report.html 2016-02-21 21:37:42 UTC (rev 196878)
@@ -1,37 +0,0 @@
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src 'self'; report-uri http://localhost:8000/contentextensions/resources/save-ping.php?test=contentextensions-block-csp-report">
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.dumpChildFramesAsText();
- testRunner.waitUntilDone();
-}
-
-function loadCrossDomainImage() {
- // Trying to load an image from a different port
- // will result in a CSP violation.
- var img = new Image(1, 1);
- img.src = ""
- showPingResult();
-}
-
-function showPingResult() {
- var iframe = document.getElementById("result_frame");
- iframe._onload_ = function() {
- if (window.testRunner) { testRunner.notifyDone(); }
- }
- iframe.src = ""
- // Why timeout_ms=1000:
- // To pass the test, the ping shouldn't arrive, so we need to
- // timeout at some point. We don't have to wait too long because
- // the console message can tell us whether the ping was blocked.
-}
-</script>
-</head>
-
-<body>
-This test creates a CSP violation report, but the report URL matches a 'block' rule.
-<img src="" _onerror_="loadCrossDomainImage();">
-<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
-</body>
-
Copied: trunk/LayoutTests/http/tests/contentextensions/block-csp-report.php (from rev 196877, trunk/LayoutTests/http/tests/contentextensions/block-csp-report.html) (0 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/block-csp-report.php (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/block-csp-report.php 2016-02-21 21:37:42 UTC (rev 196878)
@@ -0,0 +1,39 @@
+<?php
+ header("Content-Security-Policy: img-src 'self'; report-uri http://localhost:8000/contentextensions/resources/save-ping.php?test=contentextensions-block-csp-report");
+?>
+<head>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+ testRunner.waitUntilDone();
+}
+
+function loadCrossDomainImage() {
+ // Trying to load an image from a different port
+ // will result in a CSP violation.
+ var img = new Image(1, 1);
+ img.src = ""
+ showPingResult();
+}
+
+function showPingResult() {
+ var iframe = document.getElementById("result_frame");
+ iframe._onload_ = function() {
+ if (window.testRunner) { testRunner.notifyDone(); }
+ }
+ iframe.src = ""
+ // Why timeout_ms=1000:
+ // To pass the test, the ping shouldn't arrive, so we need to
+ // timeout at some point. We don't have to wait too long because
+ // the console message can tell us whether the ping was blocked.
+}
+</script>
+</head>
+
+<body>
+This test creates a CSP violation report, but the report URL matches a 'block' rule.
+<img src="" _onerror_="loadCrossDomainImage();">
+<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
+</body>
+
Deleted: trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.html (196877 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.html 2016-02-21 19:51:43 UTC (rev 196877)
+++ trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.html 2016-02-21 21:37:42 UTC (rev 196878)
@@ -1,35 +0,0 @@
-<head>
-<meta http-equiv="Content-Security-Policy" content="img-src 'self'; report-uri http://localhost:8000/contentextensions/resources/save-ping.php?test=contentextensions-hide-on-csp-report">
-<script>
-if (window.testRunner) {
- testRunner.dumpAsText();
- testRunner.dumpChildFramesAsText();
- testRunner.waitUntilDone();
-}
-
-function loadCrossDomainImage() {
- // Trying to load an image from a different port
- // will result in a CSP violation.
- var img = new Image(1, 1);
- img.src = ""
- showPingResult();
-}
-
-function showPingResult() {
- var iframe = document.getElementById("result_frame");
- iframe._onload_ = function() {
- if (window.testRunner) { testRunner.notifyDone(); }
- }
- iframe.src = ""
-}
-</script>
-</head>
-
-<body>
-This test creates a CSP violation report, but the report URL matches a 'css-display-none' rule.
-<p class="foo">This text should be hidden once the report is sent.</p>
-<p class="bar">This text should remain visible.</p>
-<img src="" _onerror_="loadCrossDomainImage();">
-<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
-</body>
-
Copied: trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.php (from rev 196877, trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.html) (0 => 196878)
--- trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.php (rev 0)
+++ trunk/LayoutTests/http/tests/contentextensions/hide-on-csp-report.php 2016-02-21 21:37:42 UTC (rev 196878)
@@ -0,0 +1,37 @@
+<?php
+ header("Content-Security-Policy: img-src 'self'; report-uri http://localhost:8000/contentextensions/resources/save-ping.php?test=contentextensions-hide-on-csp-report");
+?>
+<head>
+<script>
+if (window.testRunner) {
+ testRunner.dumpAsText();
+ testRunner.dumpChildFramesAsText();
+ testRunner.waitUntilDone();
+}
+
+function loadCrossDomainImage() {
+ // Trying to load an image from a different port
+ // will result in a CSP violation.
+ var img = new Image(1, 1);
+ img.src = ""
+ showPingResult();
+}
+
+function showPingResult() {
+ var iframe = document.getElementById("result_frame");
+ iframe._onload_ = function() {
+ if (window.testRunner) { testRunner.notifyDone(); }
+ }
+ iframe.src = ""
+}
+</script>
+</head>
+
+<body>
+This test creates a CSP violation report, but the report URL matches a 'css-display-none' rule.
+<p class="foo">This text should be hidden once the report is sent.</p>
+<p class="bar">This text should remain visible.</p>
+<img src="" _onerror_="loadCrossDomainImage();">
+<iframe id="result_frame" name="result_frame"><!-- Will contain ping data received by server --></iframe>
+</body>
+
