Rewrite CSP tests

nicolo-ribaudo · nicolo-ribaudo · commit 292418703c90 · 2023-10-10T13:27:23.000+09:00
diff --git a/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html b/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html
@@ -1,27 +1,24 @@
 <!DOCTYPE html>
 <html>
-
-<head>
-    <meta http-equiv="Content-Security-Policy" content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';">
+  <head>
     <title>connect-src-json-import-allowed</title>
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';"
+    />
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src='../support/logTest.sub.js?logs=["allowed"]'></script>
-    <script src="../support/alertAssert.sub.js?alerts=[]"></script>
-</head>
+  </head>
 
-<body>
+  <body>
     <script>
-        window.addEventListener('securitypolicyviolation', function(e) {
-            log("blocked");
-        });
-
-        import("./resources/dummy.json", { with: { type: "json" } }).then(
-          () => { log("allowed") },
-          () => { log("error") },
-        )
+      promise_test(async (t) => {
+        window.addEventListener(
+          "securitypolicyviolation",
+          t.unreached_func("No security policy violation should be raised.")
+        );
+        return import("./resources/dummy.json", { with: { type: "json" } });
+      }, "import should be allowed");
     </script>
-    <div id="log"></div>
-</body>
-
+  </body>
 </html>
diff --git a/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html b/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html
@@ -1,27 +1,32 @@
 <!DOCTYPE html>
 <html>
-
-<head>
-    <meta http-equiv="Content-Security-Policy" content="connect-src 'none'; script-src 'self' 'unsafe-inline';">
-    <title>connect-src-json-import-blocked</title>
+  <head>
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="connect-src 'none'; script-src 'self' 'unsafe-inline';"
+    />
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src='../support/logTest.sub.js?logs=["allowed"]'></script>
-    <script src="../support/alertAssert.sub.js?alerts=[]"></script>
-</head>
+  </head>
 
-<body>
+  <body>
     <script>
-        window.addEventListener('securitypolicyviolation', function(e) {
-            log("blocked");
+      promise_test((t) => {
+        let spv = new Promise((resolve, reject) => {
+          window.addEventListener("securitypolicyviolation", (e) => {
+            if (e.blockedURI.endsWith("dummy.json")) {
+              resolve();
+            } else {
+              reject();
+            }
+          });
         });
 
-        import("./resources/dummy.json", { with: { type: "json" } }).then(
-          () => { log("allowed") },
-          () => { log("error") },
-        )
+        return Promise.all([
+          promise_rejects_js(t, Error, import("./resources/dummy.json", { with: { type: "json" } })),
+          check_spv,
+        ]);
+      });
     </script>
-    <div id="log"></div>
-</body>
-
+  </body>
 </html>
diff --git a/content-security-policy/style-src/import-declaration-style-allowed.sub.html b/content-security-policy/style-src/import-declaration-style-allowed.sub.html
@@ -1,27 +1,35 @@
 <!DOCTYPE html>
 <html>
-
-<head>
-    <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
-    <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline' 'self' 'http://{{domains[www1]}}:{{ports[http][0]}}'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
+  <head>
     <title>import-declaration-style-allowed</title>
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="connect-src 'self' http://{{host}}:{{ports[http][0]}}; script-src 'self' 'unsafe-inline';"
+    />
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
-    <script src="../support/alertAssert.sub.js?alerts=[]"></script>
+  </head>
+
+  <body>
     <script>
-        window.addEventListener('securitypolicyviolation', function(e) {
-            log("FAIL");
+      promise_test(async (t) => {
+        window.addEventListener(
+          "securitypolicyviolation",
+          t.unreached_func("No security policy violation should be raised.")
+        );
+
+        let load = new Promise((resolve, reject) => {
+          globalThis.onLoadSuccess = resolve;
+          globalThis.onLoadError = reject;
         });
-    </script>
-</head>
 
-<body>
-    <script type="module">
-        import "./resources/allowed.css" assert { type: "css" };
-        log('PASS');
+        return load;
+      }, "import should be allowed");
     </script>
-    <div id="log"></div>
-</body>
 
+    <script type="module" onerror="onLoadError()">
+      import "./resources/allowed.css" with { type: "css" };
+      onLoadSuccess();
+    </script>
+  </body>
 </html>
diff --git a/content-security-policy/style-src/import-declaration-style-blocked.sub.html b/content-security-policy/style-src/import-declaration-style-blocked.sub.html
@@ -1,26 +1,42 @@
 <!DOCTYPE html>
 <html>
-
-<head>
-    <meta http-equiv="Content-Security-Policy" content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';">
-    <title>import-declaration-style-blocked</title>
+  <head>
+    <title>import-declaration-style-disallowed</title>
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';"
+    />
     <script src="/resources/testharness.js"></script>
     <script src="/resources/testharnessreport.js"></script>
-    <script src='../support/logTest.sub.js?logs=["PASS"]'></script>
-    <script src="../support/alertAssert.sub.js?alerts=[]"></script>
-    <script>
-        window.addEventListener('securitypolicyviolation', function(e) {
-            log("FAIL");
-        });
-    </script>
-</head>
+  </head>
+
+  <body>
+    <body>
+      <script>
+        promise_test(async (t) => {
+          let check_spv = new Promise((resolve, reject) => {
+            window.addEventListener("securitypolicyviolation", (e) => {
+              if (e.blockedURI.endsWith("blocked.css")) {
+                resolve();
+              } else {
+                reject();
+              }
+            });
+          });
+
+          let load = new Promise((resolve, reject) => {
+            globalThis.onLoadSuccess = resolve;
+            globalThis.onLoadError = reject;
+          });
 
-<body>
-    <script type="module" onerror="log('PASS')">
-        import "./resources/blocked.css" assert { type: "css" };
-        log('FAIL');
-    </script>
-    <div id="log"></div>
-</body>
+          return Promise.all([promise_rejects_js(t, Error, load), check_spv]);
+        }, "import should be allowed");
+      </script>
 
+      <script type="module" onerror="onLoadError()">
+        import "./resources/blocked.css" with { type: "css" };
+        onLoadSuccess();
+      </script>
+    </body>
+  </body>
 </html>
