Bug 1117311 - CSP: Allowing paths that start with '_' - tests (r=sstamm)
authorChristoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Sun, 04 Jan 2015 19:58:25 -0800
changeset 235074 b2af3f485bdfe6d29373565d998289cba458ed4c
parent 235073 425de18940f3929fbec345b94cff490f9f37dac6
child 235075 44b19ea8dfa2b90f26667c45a6a599ea4862d776
child 235188 fb1b266828a6d30281d866874b1989a6f111a253
push id349
push usermartin.thomson@gmail.com
push dateTue, 06 Jan 2015 00:59:51 +0000
reviewerssstamm
bugs1117311
milestone37.0a1
Bug 1117311 - CSP: Allowing paths that start with '_' - tests (r=sstamm)
dom/base/test/TestCSPParser.cpp
--- a/dom/base/test/TestCSPParser.cpp
+++ b/dom/base/test/TestCSPParser.cpp
@@ -361,16 +361,20 @@ nsresult TestPaths() {
     { "report-uri /examplepath",
       "report-uri http://www.selfuri.com/examplepath" },
     { "connect-src http://www.example.com/foo%3Bsessionid=12%2C34",
       "connect-src http://www.example.com/foo;sessionid=12,34" },
     { "connect-src http://www.example.com/foo%3bsessionid=12%2c34",
       "connect-src http://www.example.com/foo;sessionid=12,34" },
     { "connect-src http://test.com/pathIncludingAz19-._~!$&'()*+=:@",
       "connect-src http://test.com/pathincludingaz19-._~!$&'()*+=:@" },
+    { "script-src http://www.example.com:88/.js",
+      "script-src http://www.example.com:88/.js" },
+    { "script-src https://foo.com/_abc/abc_/_/_a_b_c_",
+      "script-src https://foo.com/_abc/abc_/_/_a_b_c_" }
   };
 
   uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
   return runTestSuite(policies, policyCount, 1);
 }
 
 // ============================= TestSimplePolicies ========================
 
@@ -485,18 +489,16 @@ nsresult TestPoliciesWithInvalidSrc() {
     { "script-src http://www.example.com:88path-1/",
       "script-src 'none'" },
     { "script-src http://www.example.com:88//",
       "script-src 'none'" },
     { "script-src http://www.example.com:88//path-1",
       "script-src 'none'" },
     { "script-src http://www.example.com:88//path-1",
       "script-src 'none'" },
-    { "script-src http://www.example.com:88/.js",
-      "script-src 'none'" },
     { "script-src http://www.example.com:88.js",
       "script-src 'none'" },
     { "script-src http://www.example.com:*.js",
       "script-src 'none'" },
     { "script-src http://www.example.com:*.",
       "script-src 'none'" },
     { "connect-src http://www.example.com/foo%zz;",
       "connect-src 'none'" },