Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
DLNA-RUI
cvp2ts
Commits
150d0791
Commit
150d0791
authored
Oct 20, 2014
by
Glenn Adams
Browse files
Populate level3 csp tests; update w3c tools.
parent
d7969364
Changes
29
Expand all
Hide whitespace changes
Inline
Side-by-side
specs/cookies/helpers/ProtocolCookies.js
View file @
150d0791
...
...
@@ -2,7 +2,7 @@
function
run
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
ident
=
'
test
'
;
var
url
=
'
./
resources
/set-cookie.py?ident=
'
+
ident
;
var
url
=
'
./
support
/set-cookie.py?ident=
'
+
ident
;
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
,
true
);
xhr
.
onload
=
t
.
step_func
(
function
()
{
...
...
specs/cookies/
resources
/set-cookie.py
→
specs/cookies/
support
/set-cookie.py
View file @
150d0791
File moved
specs/cors/helpers/ProtocolCORS.js
View file @
150d0791
"
use strict
"
;
function
run
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
url
=
CROSSDOMAIN
+
'
./
resources
/check-cors.py
'
;
var
url
=
CROSSDOMAIN
+
'
./
support
/check-cors.py
'
;
test
(
function
()
{
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
+
'
?allow=1
'
,
false
);
...
...
specs/cors/
resources
/check-cors.py
→
specs/cors/
support
/check-cors.py
View file @
150d0791
File moved
specs/csp/csp.config.json
View file @
150d0791
...
...
@@ -5,5 +5,16 @@
"local"
:
"csp.html"
,
"dontExtract"
:
true
,
"dontExtractReason"
:
"requires manual property extraction"
,
"helpers3"
:
[]
"helpers3"
:
[
"ProtocolCSP"
],
"crossDomainSupport"
:
true
,
"tests"
:
[
{
"name"
:
"ProtocolCSP"
,
"helper"
:
"ProtocolCSP"
,
"code"
:
"run(t)"
,
"async"
:
true
}
]
}
specs/csp/helpers/ProtocolCSP.js
0 → 100644
View file @
150d0791
"
use strict
"
;
function
run
(
t
)
{
var
properties
=
t
.
properties
;
var
defProperties
=
properties
.
def
;
var
e
=
document
.
createElement
(
'
img
'
);
e
.
src
=
'
./resources/test.png
'
;
e
.
onload
=
t
.
step_func_done
(
function
()
{
test
(
function
()
{
assert_unreached
(
'
image loaded with img-src
\'
none
\'
'
);
},
defProperties
.
expandedName
+
'
-check-allowed
'
);
});
e
.
onerror
=
t
.
step_func_done
(
function
()
{
async_test
(
function
()
{
var
t
=
this
;
var
s
=
document
.
createElement
(
'
script
'
);
s
.
src
=
'
./support/check-report.sub.js?present=true&field=violated-directive&value=img-src%20%27none%27
'
;
s
.
onload
=
t
.
step_func
(
function
()
{
t
.
properties
=
properties
;
checkReport
(
t
);
});
s
.
onerror
=
t
.
step_func_done
(
function
()
{
assert_unreached
(
'
unable to load check-report.sub.js
'
);
});
document
.
body
.
appendChild
(
s
);
},
defProperties
.
expandedName
+
'
-check-denial-report
'
);
});
document
.
body
.
appendChild
(
e
);
}
specs/csp/other/csp-ProtocolCSP.html.sub.headers
0 → 100644
View file @
150d0791
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Cache-Control: no-store, no-cache
Pragma: no-cache
Set-Cookie: csp-protocolcsp={{$id:uuid()}}; Path=/tests/csp/
Content-Security-Policy: img-src 'none'; report-uri ./support/report-csp.py?op=put&id={{$id}}
specs/csp/resources/test.png
0 → 100644
View file @
150d0791
770 Bytes
specs/csp/support/check-report.sub.js
0 → 100644
View file @
150d0791
"
use strict
"
;
(
function
()
{
function
checkReport
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
locationComponents
=
location
.
pathname
.
split
(
'
/
'
);
var
testPath
=
locationComponents
.
slice
(
0
,
locationComponents
.
length
-
1
).
join
(
'
/
'
);
var
testName
=
locationComponents
[
locationComponents
.
length
-
1
].
split
(
'
.
'
)[
0
].
toLowerCase
();
var
cookies
=
document
.
cookie
.
split
(
'
;
'
);
var
id
;
for
(
var
i
=
0
;
i
<
cookies
.
length
;
++
i
)
{
var
cookie
=
cookies
[
i
];
var
cookieComponents
=
cookie
.
split
(
'
=
'
);
var
n
=
cookieComponents
[
0
].
trim
();
if
(
n
==
testName
)
{
id
=
cookieComponents
[
1
].
trim
();
document
.
cookie
=
n
+
'
=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=
'
+
testPath
;
break
;
}
}
if
(
!!
id
)
{
var
url
=
'
./support/report-csp.py?op=take&timeout=1&id=
'
+
id
;
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
,
true
);
xhr
.
onload
=
t
.
step_func_done
(
function
()
{
var
present
=
{{
GET
[
present
]}};
var
result
=
JSON
.
parse
(
xhr
.
response
);
var
error
=
result
[
'
error
'
];
var
report
=
result
[
'
csp-report
'
];
test
(
function
()
{
assert_false
(
!
(
present
^
report
),
present
?
'
no report sent
'
:
'
report sent in error
'
);
},
defProperties
.
expandedName
+
(
present
?
'
-report-present
'
:
'
-report-absent
'
));
if
(
!!
present
&&
!!
report
)
{
test
(
function
()
{
var
field
=
"
{{GET[field]}}
"
;
// must use double quotes, lest substitution contain single quotes
var
value
=
"
{{GET[value]}}
"
;
// must use double quotes, lest substitution contain single quotes
assert_equals
(
report
[
field
],
value
);
},
defProperties
.
expandedName
+
'
-report-field-matches
'
);
}
});
xhr
.
onerror
=
t
.
step_func_done
(
function
()
{
assert_unreached
(
'
unable to load report-csp.py
'
);
});
xhr
.
send
();
}
}
expose
(
'
checkReport
'
,
checkReport
);
})();
specs/csp/support/report-csp.py
0 → 100644
View file @
150d0791
import
time
import
json
def
main
(
request
,
response
):
op
=
request
.
GET
.
first
(
"op"
);
id
=
request
.
GET
.
first
(
"id"
)
timeout
=
float
(
request
.
GET
.
first
(
"timeout"
,
"0"
))
response
.
headers
.
set
(
"Content-Type"
,
"application/json"
)
if
op
==
"put"
:
request
.
server
.
stash
.
put
(
key
=
id
,
value
=
request
.
body
.
rstrip
())
body
=
json
.
dumps
({
'id'
:
id
})
elif
op
==
"take"
:
value
=
request
.
server
.
stash
.
take
(
key
=
id
)
if
value
is
None
:
time
.
sleep
(
timeout
)
value
=
request
.
server
.
stash
.
take
(
key
=
id
)
if
value
is
None
:
value
=
json
.
dumps
({
'error'
:
'no report'
,
'id'
:
id
})
body
=
value
else
:
body
=
json
.
dumps
({
'error'
:
'unknown operation'
,
'id'
:
id
})
return
response
.
headers
,
body
specs/index/index.idl.json
View file @
150d0791
This diff is collapsed.
Click to expand it.
specs/origin/helpers/ProtocolOrigin.js
View file @
150d0791
"
use strict
"
;
function
run
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
url
=
CROSSDOMAIN
+
'
./
resources
/check-origin.py
'
;
var
url
=
CROSSDOMAIN
+
'
./
support
/check-origin.py
'
;
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
,
true
);
xhr
.
onload
=
t
.
step_func_done
(
function
()
{
...
...
specs/origin/
resources
/check-origin.py
→
specs/origin/
support
/check-origin.py
View file @
150d0791
File moved
tests/cookies/helpers/ProtocolCookies.js
View file @
150d0791
...
...
@@ -2,7 +2,7 @@
function
run
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
ident
=
'
test
'
;
var
url
=
'
./
resources
/set-cookie.py?ident=
'
+
ident
;
var
url
=
'
./
support
/set-cookie.py?ident=
'
+
ident
;
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
,
true
);
xhr
.
onload
=
t
.
step_func
(
function
()
{
...
...
tests/cookies/
resources
/set-cookie.py
→
tests/cookies/
support
/set-cookie.py
View file @
150d0791
File moved
tests/cors/helpers/ProtocolCORS.js
View file @
150d0791
"
use strict
"
;
function
run
(
t
)
{
var
defProperties
=
t
.
properties
.
def
;
var
url
=
CROSSDOMAIN
+
'
./
resources
/check-cors.py
'
;
var
url
=
CROSSDOMAIN
+
'
./
support
/check-cors.py
'
;
test
(
function
()
{
var
xhr
=
new
XMLHttpRequest
();
xhr
.
open
(
'
GET
'
,
url
+
'
?allow=1
'
,
false
);
...
...
tests/cors/
resources
/check-cors.py
→
tests/cors/
support
/check-cors.py
View file @
150d0791
File moved
tests/csp/csp-ProtocolCSP.html
0 → 100644
View file @
150d0791
<!-- Copyright (C) 2014, Cable Television Laboratories, Inc. & Skynav, Inc. -->
<!-- DO NOT EDIT! This test was generated by $(CVP2TS)/tools/level2/generate/generate.js. -->
<!doctype html>
<meta
charset=
'utf-8'
>
<title>
Test ProtocolCSP
</title>
<script
src=
'/resources/testharness.js'
></script>
<script
src=
'/resources/testharnessreport.js'
></script>
<script
src=
'/tools/common/level3.js'
></script>
<script
src=
'/tools/common/crossdomain.js?pipe=sub'
></script>
<script
src=
'./helpers/ProtocolCSP.js'
></script>
<script
type=
'text/plain'
id=
'testDef'
>
{
"
name
"
:
"
ProtocolCSP
"
,
"
helper
"
:
"
ProtocolCSP
"
,
"
code
"
:
"
run(t)
"
,
"
async
"
:
true
}
</script>
<h1>
Test ProtocolCSP Support
</h1>
<div
id=
'log'
></div>
<script>
level3Async
(
'
csp
'
,
JSON
.
parse
(
document
.
getElementById
(
'
testDef
'
).
textContent
),
function
(
t
){
return
run
(
t
);});
</script>
tests/csp/csp-ProtocolCSP.html.sub.headers
0 → 100644
View file @
150d0791
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Cache-Control: no-store, no-cache
Pragma: no-cache
Set-Cookie: csp-protocolcsp={{$id:uuid()}}; Path=/tests/csp/
Content-Security-Policy: img-src 'none'; report-uri ./support/report-csp.py?op=put&id={{$id}}
tests/csp/helpers/ProtocolCSP.js
0 → 100644
View file @
150d0791
"
use strict
"
;
function
run
(
t
)
{
var
properties
=
t
.
properties
;
var
defProperties
=
properties
.
def
;
var
e
=
document
.
createElement
(
'
img
'
);
e
.
src
=
'
./resources/test.png
'
;
e
.
onload
=
t
.
step_func_done
(
function
()
{
test
(
function
()
{
assert_unreached
(
'
image loaded with img-src
\'
none
\'
'
);
},
defProperties
.
expandedName
+
'
-check-allowed
'
);
});
e
.
onerror
=
t
.
step_func_done
(
function
()
{
async_test
(
function
()
{
var
t
=
this
;
var
s
=
document
.
createElement
(
'
script
'
);
s
.
src
=
'
./support/check-report.sub.js?present=true&field=violated-directive&value=img-src%20%27none%27
'
;
s
.
onload
=
t
.
step_func
(
function
()
{
t
.
properties
=
properties
;
checkReport
(
t
);
});
s
.
onerror
=
t
.
step_func_done
(
function
()
{
assert_unreached
(
'
unable to load check-report.sub.js
'
);
});
document
.
body
.
appendChild
(
s
);
},
defProperties
.
expandedName
+
'
-check-denial-report
'
);
});
document
.
body
.
appendChild
(
e
);
}
Prev
1
2
Next
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment