Bug 1466508: Fix race condition within wpt test policy-inherited-correctly-by-plznavigate.html part 2. r=bz
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Tue, 05 Jun 2018 11:42:00 +0200
changeset 421591 fac57eb7e7aaaa0c5396d39dc67eae2451754b9f
parent 421590 8a4b9dd1d15ee10c1b2509202085cf151a4bf0ae
child 421592 21861ee0ddb89d1d3b575ccfeaa1c5043374eeab
push id34098
push usernbeleuzu@mozilla.com
push dateWed, 06 Jun 2018 17:00:32 +0000
treeherdermozilla-central@04cc917f68c5 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1466508
milestone62.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1466508: Fix race condition within wpt test policy-inherited-correctly-by-plznavigate.html part 2. r=bz
testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
--- a/testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
+++ b/testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
@@ -7,35 +7,37 @@
        PlzNavigate on).
        Also see crbug.com/778658. -->
   <script src='/resources/testharness.js'></script>
   <script src='/resources/testharnessreport.js'></script>
 </head>
 <body>
   <script>
     var t = async_test("iframe still inherits correct CSP");
-  </script>
 
-  <iframe id="x" srcdoc="<a href='about:blank'>123</a>"></iframe>
-
-  <script>
     window.onmessage = t.step_func_done(function(e) {
       assert_equals(e.data, "frame-src");
     });
 
-    x = document.getElementById('x');
-    x.onload = function() {
+    function doDocWrite() {
+      x = document.getElementById('x');
       x.location = "";
 
       // While document.write is deprecated I did not find another way to reproduce
       // the original exploit.
       x.contentDocument.write(
         '<script>window.addEventListener("securitypolicyviolation", function(e) {' +
         '  window.top.postMessage(e.violatedDirective, "*");' +
         '});</scr' + 'ipt>' +
         '<iframe src="../support/fail.html"></iframe>'
       );
       x.contentDocument.close();
+
+      var s = document.createElement('script');
+      s.async = true;
+      s.defer = true;
+      s.src = '../support/checkReport.sub.js?reportField=violated-directive&reportValue=frame-src%20%27none%27';
+      document.lastChild.appendChild(s);
     }
   </script>
-  <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=frame-src%20%27none%27''></script>
+  <iframe id="x" onload="doDocWrite()" srcdoc="<a href='about:blank'>123</a>"></iframe>
 </body>
 </html>