Bug 1466508 - Fix race condition within wpt test policy-inherited-correctly-by-plznavigate.html. r=jgraham
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Mon, 04 Jun 2018 14:09:00 +0200
changeset 475390 0c71a38c8c5c49d3041a3a8d06116b07ba1279b3
parent 475389 b48809c10b802ad9b47ef8edb6bbac90f777b193
child 475391 2426ac9d78fe52b238345e286b000424cbab4989
push id9374
push userjlund@mozilla.com
push dateMon, 18 Jun 2018 21:43:20 +0000
treeherdermozilla-beta@160e085dfb0b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjgraham
bugs1466508
milestone62.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1466508 - Fix race condition within wpt test policy-inherited-correctly-by-plznavigate.html. r=jgraham
testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
--- a/testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
+++ b/testing/web-platform/tests/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html
@@ -17,23 +17,25 @@
   <iframe id="x" srcdoc="<a href='about:blank'>123</a>"></iframe>
 
   <script>
     window.onmessage = t.step_func_done(function(e) {
       assert_equals(e.data, "frame-src");
     });
 
     x = document.getElementById('x');
-    x.location = "";
+    x.onload = function() {
+      x.location = "";
 
-    // While document.write is deprecated I did not find another way to reproduce
-    // the original exploit.
-    x.contentDocument.write(
-      '<script>window.addEventListener("securitypolicyviolation", function(e) {' +
-      '  window.top.postMessage(e.violatedDirective, "*");' +
-      '});</scr' + 'ipt>' +
-      '<iframe src="../support/fail.html"></iframe>'
-    );
-    x.contentDocument.close();
+      // While document.write is deprecated I did not find another way to reproduce
+      // the original exploit.
+      x.contentDocument.write(
+        '<script>window.addEventListener("securitypolicyviolation", function(e) {' +
+        '  window.top.postMessage(e.violatedDirective, "*");' +
+        '});</scr' + 'ipt>' +
+        '<iframe src="../support/fail.html"></iframe>'
+      );
+      x.contentDocument.close();
+    }
   </script>
   <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=frame-src%20%27none%27''></script>
 </body>
-</html>
\ No newline at end of file
+</html>