Merge pull request #1916 from metromoxie/sri-more-tests

SRI Additional tests, focusing on cross origin
web-platform-tests · Jun 19, 2015 · c4edb58 · c4edb58
2 parents ba54984 + 84fb1c2
commit c4edb58
Show file tree

Hide file tree

Showing 2 changed files with 102 additions and 3 deletions.
diff --git a/subresource-integrity/subresource-integrity.html b/subresource-integrity/subresource-integrity.html
@@ -137,13 +137,35 @@
         }
     });
 
+    // Script tests
     new SRIScriptTest(
         true,
-        "Script: Same-origin with correct hash.",
+        "Same-origin with correct sha256 hash.",
         "matching-digest.js",
         "sha256-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E="
     ).execute();
 
+    new SRIScriptTest(
+        true,
+        "Same-origin with correct sha384 hash.",
+        "matching-digest.js",
+        "sha384-BDRTPSywZFyxfLEAzaLcL4FfERBgJgXfEkuT0r04LG93Yqn1PWNYPZMomaqEfE3H"
+    ).execute();
+
+    new SRIScriptTest(
+        true,
+        "Same-origin with correct sha512 hash.",
+        "matching-digest.js",
+        "sha512-geByvIIRspbnUnwooKGNNCb39nvg+EW0O9hDScTXeo/9pVZztLSUYU3LNV6H0lZapo8bCJUpyPPLAzE9fDzpxg=="
+    ).execute();
+
+    new SRIScriptTest(
+        true,
+        "Smame-origin with empty integrity.",
+        "matching-digest.js",
+        ""
+    ).execute();
+
     new SRIScriptTest(
         false,
         "Same-origin with incorrect hash.",
@@ -219,6 +241,27 @@
         "anonymous"
     ).execute();
 
+    new SRIScriptTest(
+        true,
+        "Cross-origin, not CORS request, with correct hash",
+        xorigin_anon_script,
+        "sha256-51AjITq701Y0yKSx3/UoIKtIY2UQ9+H8WGyyMuOWOC0="
+    ).execute();
+
+    new SRIScriptTest(
+        true,
+        "Cross-origin, not CORS request, with hash masmatch",
+        xorigin_anon_script,
+        "sha256-deadbeef01Y0yKSx3/UoIKtIY2UQ9+H8WGyyMuOWOC0="
+    ).execute();
+
+    new SRIScriptTest(
+        true,
+        "Cross-origin, empty integrity",
+        xorigin_anon_script,
+        ""
+    ).execute();
+
     new SRIScriptTest(
         true,
         "Same-origin with correct hash, options.",
@@ -233,14 +276,39 @@
         "foo666-U9WYDtBWkcHx13+9UKk/3Q5eoqDc4YGxYb07EPWzb9E="
     ).execute();
 
+    // Style tests
     new SRIStyleTest(
         style_tests,
         true,
-        "Same-origin with correct hash",
+        "Same-origin with correct sha256 hash",
         "style.css",
         "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F-SPLT7YZk7gyCWUV4="
     );
 
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Same-origin with correct sha384 hash",
+        "style.css",
+        "sha384-wDAWxH4tOWBwAwHfBn9B7XuNmFxHTMeigAMwn0iVQ0zq3FtmYMLxihcGnU64CwcX"
+    );
+
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Same-origin with correct sha512 hash",
+        "style.css",
+        "sha512-9wXDjd6Wq3H6nPAhI9zOvG7mJkUr03MTxaO+8ztTKnfJif42laL93Be/IF6YYZHHF4esitVYxiwpY2HSZX4l6w=="
+    );
+
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Same-origin with empty integrity",
+        "style.css",
+        ""
+    );
+
     new SRIStyleTest(
         style_tests,
         false,
@@ -326,6 +394,30 @@
         "anonymous"
     );
 
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Cross-origin, not CORS request, with correct hash",
+        xorigin_anon_style,
+        "sha256-CzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk7gyCWUV4="
+    );
+
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Cross-origin, not CORS request, with hash masmatch",
+        xorigin_anon_style,
+        "sha256-deadbeefCzHgdJ7wOccM8L89n4bhcJMz3F+SPLT7YZk="
+    );
+
+    new SRIStyleTest(
+        style_tests,
+        true,
+        "Cross-origin, empty integrity",
+        xorigin_anon_style,
+        ""
+    );
+
     new SRIStyleTest(
         style_tests,
         true,

diff --git a/subresource-integrity/tools/list_hashes.py b/subresource-integrity/tools/list_hashes.py
@@ -1,5 +1,5 @@
 from os import path, listdir
-from hashlib import sha512, sha256, md5
+from hashlib import sha512, sha384, sha256, md5
 from base64 import b64encode
 import re
 
@@ -25,6 +25,12 @@ def format_digest(digest):
 def sha512_uri(content):
   return "sha512-%s" % format_digest(sha512(content).digest())
 
+'''
+Generate an encoded sha384 URI.
+'''
+def sha384_uri(content):
+  return "sha384-%s" % format_digest(sha384(content).digest())
+
 '''
 Generate an encoded sha256 URI.
 '''
@@ -43,6 +49,7 @@ def main():
     with open(file, "r") as content_file:
       content = content_file.read()
       print "\tSHA512 integrity: %s" % sha512_uri(content)
+      print "\tSHA384 integrity: %s" % sha384_uri(content)
       print "\tSHA256 integrity: %s" % sha256_uri(content)
       print "\tMD5 integrity:    %s" % md5_uri(content)