Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Errors
- This test gets skipped with pattern: asan OR http3 OR http2
- This test failed 11 times in the preceding 30 days. quicksearch this test
- Manifest: devtools/client/webconsole/test/browser/_webconsole.toml
/* Any copyright is dedicated to the Public Domain.
/* We are loading:
a script that is allowed by the CSP header but not by the CSPRO header
an image which is allowed by the CSPRO header but not by the CSP header.
So we expect a warning (image has been blocked) and a report
(script should not load and was reported)
The expected console messages in the constants CSP_VIOLATION_MSG and
CSP_REPORT_MSG are confirmed to be found in the console messages.
*/
"use strict";
const TEST_URI =
"data:text/html;charset=utf8,<!DOCTYPE html>Web Console CSP report only test";
const TEST_VIOLATION =
"test/browser/test-cspro.html";
const bundle = Services.strings.createBundle(
);
const CSP_VIOLATION_MSG = bundle.formatStringFromName("CSPGenericViolation", [
"img-src 'self'",
"img-src",
]);
const CSP_REPORT_MSG = bundle.formatStringFromName("CSPROScriptViolation", [
"script-src 'self'",
"script-src-elem",
]);
add_task(async function () {
const hud = await openNewTabAndConsole(TEST_URI);
const onCspViolationMessage = waitForMessageByType(
hud,
CSP_VIOLATION_MSG,
".error"
);
const onCspReportMessage = waitForMessageByType(
hud,
CSP_REPORT_MSG,
".error"
);
info("Load a page with CSP warnings.");
await navigateTo(TEST_VIOLATION);
await onCspViolationMessage;
await onCspReportMessage;
ok(
true,
"Confirmed that CSP and CSP-Report-Only log different messages to console"
);
await clearOutput(hud);
});