LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl - Issue 23172003: Improve parallelization of CSP and XSSAuditor reporting tests.

Side by Side Diff: LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl

Issue 23172003: Improve parallelization of CSP and XSSAuditor reporting tests. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « LayoutTests/http/tests/security/xssAuditor/report-script-tag-full-block-expected.txt ('k') | no next file » | no next file with comments »

OLD	NEW
1 #!/usr/bin/perl -wT	1 #!/usr/bin/perl -wT

2 use strict;	2 use strict;

3 use CGI;	3 use CGI;

4	4

5 my $cgi = new CGI;	5 my $cgi = new CGI;

6	6

7 # Passing semicolons through the url to this script is problematic. The raw	7 # Passing semicolons through the url to this script is problematic. The raw

8 # form truncates the input and the %-encoded form isn't being decoded. Hence	8 # form truncates the input and the %-encoded form isn't being decoded. Hence

9 # this set of hard-coded headers.	9 # this set of hard-coded headers.

10 if ($cgi->param('disable-protection')) {	10 if ($cgi->param('disable-protection')) {

11 print "X-XSS-Protection: 0\n";	11 print "X-XSS-Protection: 0\n";

12 }	12 }

13 if ($cgi->param('enable-full-block')) {	13 if ($cgi->param('enable-full-block')) {

14 print "X-XSS-Protection: 1; mode=block\n";	14 print "X-XSS-Protection: 1; mode=block\n";

15 }	15 }

16 if ($cgi->param('enable-report')) {	16 if ($cgi->param('enable-report')) {

17 print "X-XSS-Protection: 1; report=/security/contentSecurityPolicy/resources /save-report.php\n";	17 print "X-XSS-Protection: 1; report=/security/contentSecurityPolicy/resources /save-report.php?test=" . $cgi->param('test') . "\n";

18 }	18 }

19 if ($cgi->param('enable-full-block-report')) {	19 if ($cgi->param('enable-full-block-report')) {

20 print "X-XSS-Protection: 1; mode=block; report=/security/contentSecurityPoli cy/resources/save-report.php\n";	20 print "X-XSS-Protection: 1; mode=block; report=/security/contentSecurityPoli cy/resources/save-report.php?test=" . $cgi->param('test') . "\n";

21 }	21 }

22	22

23 if ($cgi->param('valid-header')) {	23 if ($cgi->param('valid-header')) {

24 if ($cgi->param('valid-header') == 1) {	24 if ($cgi->param('valid-header') == 1) {

25 print "X-XSS-Protection: 1 ;MoDe = bLocK \n";	25 print "X-XSS-Protection: 1 ;MoDe = bLocK \n";

26 }	26 }

27 if ($cgi->param('valid-header') == 2) {	27 if ($cgi->param('valid-header') == 2) {

28 print "X-XSS-Protection: 1; \n";	28 print "X-XSS-Protection: 1; \n";

29 }	29 }

30 if ($cgi->param('valid-header') == 3) {	30 if ($cgi->param('valid-header') == 3) {

(...skipping 97 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
128 print "<p>If you see this message then the test FAILED.</p>\n";	128 print "<p>If you see this message then the test FAILED.</p>\n";

129 }	129 }

130 if ($cgi->param('alert-cookie')) {	130 if ($cgi->param('alert-cookie')) {

131 print "<script>if (/xssAuditorTestCookie/.test(document.cookie)) { alert('FA IL: ' + document.cookie); document.cookie = 'xssAuditorTestCookie=remove; max-ag e=-1'; } else alert('PASS');</script>\n";	131 print "<script>if (/xssAuditorTestCookie/.test(document.cookie)) { alert('FA IL: ' + document.cookie); document.cookie = 'xssAuditorTestCookie=remove; max-ag e=-1'; } else alert('PASS');</script>\n";

132 }	132 }

133 if ($cgi->param('echo-report')) {	133 if ($cgi->param('echo-report')) {

134 print "<script src=/security/contentSecurityPolicy/resources/go-to-echo-repo rt.js></script>\n";	134 print "<script src=/security/contentSecurityPolicy/resources/go-to-echo-repo rt.js></script>\n";

135 }	135 }

136 print "</body>\n";	136 print "</body>\n";

137 print "</html>\n";	137 print "</html>\n";

OLD	NEW