Bug 1026520 - CSP: Inline report sending into allows - test updates (r=dveditz)
authorChristoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Thu, 17 Sep 2015 22:34:49 -0700
changeset 295795 778c2ddda4439667680bb08ac29a6e7aba63b12c
parent 295794 19eb4586448f4a9c5272a057218f63956ac8b8ca
child 295796 4821738e72af0f4dbc682ae6b5cf112283195e4f
push id5245
push userraliiev@mozilla.com
push dateThu, 29 Oct 2015 11:30:51 +0000
treeherdermozilla-beta@dac831dc1bd0 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersdveditz
bugs1026520
milestone43.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1026520 - CSP: Inline report sending into allows - test updates (r=dveditz)
dom/security/test/unit/test_csp_reports.js
--- a/dom/security/test/unit/test_csp_reports.js
+++ b/dom/security/test/unit/test_csp_reports.js
@@ -96,31 +96,24 @@ function makeTest(id, expectedJSON, useR
 function run_test() {
   var selfuri = NetUtil.newURI(REPORT_SERVER_URI +
                                ":" + REPORT_SERVER_PORT +
                                "/foo/self");
 
   // test that inline script violations cause a report.
   makeTest(0, {"blocked-uri": "self"}, false,
       function(csp) {
-        let inlineOK = true, oReportViolation = {'value': false};
-        inlineOK = csp.getAllowsInlineScript(oReportViolation);
+        let inlineOK = true;
+        inlineOK = csp.getAllowsInline(Ci.nsIContentPolicy.TYPE_SCRIPT,
+                                       "", // aNonce
+                                       "", // aContent
+                                       0); // aLineNumber
 
         // this is not a report only policy, so it better block inline scripts
         do_check_false(inlineOK);
-        // ... and cause reports to go out
-        do_check_true(oReportViolation.value);
-
-        if (oReportViolation.value) {
-          // force the logging, since the getter doesn't.
-          csp.logViolationDetails(Ci.nsIContentSecurityPolicy.VIOLATION_TYPE_INLINE_SCRIPT,
-                                  selfuri.asciiSpec,
-                                  "script sample",
-                                  0);
-        }
       });
 
   // test that eval violations cause a report.
   makeTest(1, {"blocked-uri": "self"}, false,
       function(csp) {
         let evalOK = true, oReportViolation = {'value': false};
         evalOK = csp.getAllowsEval(oReportViolation);
 
@@ -144,32 +137,24 @@ function run_test() {
         csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
                       NetUtil.newURI("http://blocked.test/foo.js"),
                       null, null, null, null);
       });
 
   // test that inline script violations cause a report in report-only policy
   makeTest(3, {"blocked-uri": "self"}, true,
       function(csp) {
-        let inlineOK = true, oReportViolation = {'value': false};
-        inlineOK = csp.getAllowsInlineScript(oReportViolation);
+        let inlineOK = true;
+        inlineOK = csp.getAllowsInline(Ci.nsIContentPolicy.TYPE_SCRIPT,
+                                       "", // aNonce
+                                       "", // aContent
+                                       0); // aLineNumber
 
         // this is a report only policy, so it better allow inline scripts
         do_check_true(inlineOK);
-
-        // ... and cause reports to go out
-        do_check_true(oReportViolation.value);
-
-        if (oReportViolation.value) {
-          // force the logging, since the getter doesn't.
-          csp.logViolationDetails(Ci.nsIContentSecurityPolicy.VIOLATION_TYPE_INLINE_SCRIPT,
-                                  selfuri.asciiSpec,
-                                  "script sample",
-                                  3);
-        }
       });
 
   // test that eval violations cause a report in report-only policy
   makeTest(4, {"blocked-uri": "self"}, true,
       function(csp) {
         let evalOK = true, oReportViolation = {'value': false};
         evalOK = csp.getAllowsEval(oReportViolation);