Skip to content

Commit d3c6267

Browse files
lukewarlowlukewarlow
authored
Add TT reporting tests for ServiceWorkerContaine register() (#51428)
1 parent 188041e commit d3c6267

8 files changed

+85
-2
lines changed

trusted-types/support/csp-violations.js

+2-2
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ const cspDirectives = [
1515
// the CSP directive connect-src 'none' and that fn is not itself triggering
1616
// a "connect-src" violation report.
1717
function trusted_type_violations_and_exception_for(fn) {
18-
return new Promise((resolve, reject) => {
18+
return new Promise(async (resolve, reject) => {
1919
// Listen for security policy violations.
2020
let result = { violations: [], exception: null };
2121
let handler = e => {
@@ -33,7 +33,7 @@ function trusted_type_violations_and_exception_for(fn) {
3333

3434
// Run the specified function and record any exception.
3535
try {
36-
fn();
36+
await fn();
3737
} catch(e) {
3838
result.exception = e;
3939
}

trusted-types/support/trusted-types-reporting-for-ServiceWorkerContainer-register-worker.https.js

+11
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
const testSetupPolicy = trustedTypes.createPolicy("p", { createScriptURL: s => s });
2+
3+
importScripts(testSetupPolicy.createScriptURL("/resources/testharness.js"));
4+
importScripts(testSetupPolicy.createScriptURL("helper.sub.js"));
5+
importScripts(testSetupPolicy.createScriptURL("csp-violations.js"));
6+
7+
importScripts(testSetupPolicy.createScriptURL(
8+
"trusted-types-reporting-for-ServiceWorkerContainer-register.https.js"
9+
));
10+
11+
done();

trusted-types/support/trusted-types-reporting-for-ServiceWorkerContainer-register-worker.https.js.headers

+2
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
Content-Security-Policy: require-trusted-types-for 'script';
2+
Content-Security-Policy: connect-src 'none'

trusted-types/support/trusted-types-reporting-for-ServiceWorkerContainer-register.https.js

+27
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
const policy = trustedTypes.createPolicy("dummy", { createScriptURL: x => x });
2+
let worker_url = "worker.https.js";
3+
let scope = `scope1/`;
4+
5+
if (getGlobalThisStr().includes("Window")) {
6+
worker_url = `support/${worker_url}`;
7+
scope = `support/${scope}`;
8+
}
9+
10+
promise_test(async t => {
11+
await no_trusted_type_violation_for(async _ => {
12+
let reg = await self.navigator.serviceWorker.getRegistration(scope);
13+
if (reg) await reg.unregister();
14+
reg = await self.navigator.serviceWorker.register(policy.createScriptURL(worker_url), {scope});
15+
await new Promise(r => reg.addEventListener("updatefound", r));
16+
});
17+
}, "No violation reported for ServiceWorkerContainer register with TrustedScriptURL.");
18+
19+
promise_test(async t => {
20+
let violation = await trusted_type_violation_for(TypeError, async _ => {
21+
let reg = await self.navigator.serviceWorker.getRegistration(scope);
22+
if (reg) await reg.unregister();
23+
await self.navigator.serviceWorker.register(worker_url, {scope});
24+
});
25+
assert_equals(violation.blockedURI, "trusted-types-sink");
26+
assert_equals(violation.sample, `ServiceWorkerContainer register|${clipSampleIfNeeded(worker_url)}`);
27+
}, "Violation report for ServiceWorkerContainer register with plain string.");

trusted-types/trusted-types-reporting-for-DedicatedWorker-ServiceWorkerContainer-register.https.html

+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<!DOCTYPE html>
2+
<script src="/resources/testharness.js"></script>
3+
<script src="/resources/testharnessreport.js"></script>
4+
<body>
5+
<script>
6+
fetch_tests_from_worker(new Worker(
7+
"support/trusted-types-reporting-for-ServiceWorkerContainer-register-worker.https.js"
8+
));
9+
</script>

trusted-types/trusted-types-reporting-for-ServiceWorker-ServiceWorkerContainer-register.https.html

+15
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
<!DOCTYPE html>
2+
<script src="/resources/testharness.js"></script>
3+
<script src="/resources/testharnessreport.js"></script>
4+
<body>
5+
<script>
6+
// Cargo-culted from code generated from "META: worker".
7+
(async function() {
8+
const scope = 'support/some/scope/for/this/test';
9+
let reg = await navigator.serviceWorker.getRegistration(scope);
10+
if (reg) await reg.unregister();
11+
reg = await navigator.serviceWorker.register(
12+
"support/trusted-types-reporting-for-ServiceWorkerContainer-register-worker.https.js", {scope});
13+
fetch_tests_from_worker(reg.installing);
14+
})();
15+
</script>

trusted-types/trusted-types-reporting-for-SharedWorker-ServiceWorkerContainer-register.https.html

+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<!DOCTYPE html>
2+
<script src="/resources/testharness.js"></script>
3+
<script src="/resources/testharnessreport.js"></script>
4+
<body>
5+
<script>
6+
fetch_tests_from_worker(new SharedWorker(
7+
"support/trusted-types-reporting-for-ServiceWorkerContainer-register-worker.https.js"
8+
));
9+
</script>

trusted-types/trusted-types-reporting-for-Window-ServiceWorkerContainer-register.https.html

+10
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
<!DOCTYPE html>
2+
<script src="/resources/testharness.js"></script>
3+
<script src="/resources/testharnessreport.js"></script>
4+
<script src="support/helper.sub.js"></script>
5+
<script src="support/csp-violations.js"></script>
6+
7+
<meta http-equiv="Content-Security-Policy" content="require-trusted-types-for 'script'; connect-src 'none';">
8+
<body>
9+
<script src="support/trusted-types-reporting-for-ServiceWorkerContainer-register.https.js">
10+
</script>

0 commit comments

Comments
 (0)