-
-
Notifications
You must be signed in to change notification settings - Fork 2.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto merge of #16126 - ferjm:issue-14520-block-media-csv, r=nox
Block scripts with text/csv, audio/*, video/* and image/* mime types This patch implements step 12 of the Main Fetch section of the Fetch API standard. It blocks the load of scripts with `text/csv`, `audio/*`, `video/*` and `image/*` mime types. Credit for the logic of `should_block_mime_type` function should go to the author of #14770. - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #14520 - [X] There are tests for these changes <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/16126) <!-- Reviewable:end -->
- Loading branch information
Showing
4 changed files
with
83 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
39 changes: 39 additions & 0 deletions
39
tests/wpt/web-platform-tests/fetch/api/basic/block-mime-as-script.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
<!doctype html> | ||
<meta charset="utf-8"> | ||
<title>Block mime type as script</title> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<div></div> | ||
<script> | ||
var noop = function() {}; | ||
|
||
["text/csv", | ||
"audio/aiff", | ||
"audio/midi", | ||
"audio/whatever", | ||
"video/avi", | ||
"video/fli", | ||
"video/whatever", | ||
"image/jpeg", | ||
"image/gif", | ||
"image/whatever"].forEach(function(test_case) { | ||
async_test(function(t) { | ||
var script = document.createElement("script"); | ||
script.onerror = t.step_func_done(noop); | ||
script.onload = t.unreached_func("Unexpected load event"); | ||
script.src = "../resources/script-with-header.py?mime=" + test_case; | ||
document.body.appendChild(script); | ||
}, "Should fail loading script with " + test_case + " MIME type"); | ||
}); | ||
|
||
["html", "plain"].forEach(function(test_case) { | ||
async_test(function(t) { | ||
var script = document.createElement("script"); | ||
script.onerror = t.unreached_func("Unexpected error event"); | ||
script.onload = t.step_func_done(noop); | ||
script.src = "../resources/script-with-header.py?mime=text/" + test_case; | ||
document.body.appendChild(script); | ||
}, "Should load script with text/" + test_case + " MIME type"); | ||
}); | ||
|
||
</script> |
4 changes: 4 additions & 0 deletions
4
tests/wpt/web-platform-tests/fetch/api/resources/script-with-header.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
def main(request, response): | ||
headers = [("Content-type", request.GET.first("mime"))] | ||
content = "console.log('Script loaded')" | ||
return 200, headers, content |