1 // Copyright 2014 Samsung Electronics. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #define SAMPLE_CONTENT_SECURITY_POLICY "ewk_view/sample_content_security_policy.html"
7 #include "utc_blink_ewk_base.h"
9 const char* policy = "default-src 'self';";
11 class utc_blink_ewk_view_content_security_policy_set : public utc_blink_ewk_base {
15 void LoadFinished(Evas_Object* webview) override {
16 ecore_timer_add(2, getTitle, this);
19 static Eina_Bool getTitle(void *data)
22 utc_blink_ewk_view_content_security_policy_set* owner = static_cast<utc_blink_ewk_view_content_security_policy_set*>(data);
24 owner->title = ewk_view_title_get(owner->GetEwkWebView());
26 owner->EventLoopStop(utc_blink_ewk_base::Success);
33 * @brief Tests if it isn't possible to eval inline script when content security policy is set
34 * and enforce policy header is set.
36 TEST_F(utc_blink_ewk_view_content_security_policy_set, POS_TEST)
38 ewk_view_content_security_policy_set(GetEwkWebView(), policy, EWK_ENFORCE_POLICY);
40 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
44 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
45 if (main_result != utc_blink_ewk_base::Success)
48 utc_check_str_eq((const char*)title.c_str(), "PASS");
52 * @brief Tests if there is possibility to eval inline script when content security policy
53 * and report only policy header is set.
55 TEST_F(utc_blink_ewk_view_content_security_policy_set, POS_TEST2)
57 ewk_view_content_security_policy_set(GetEwkWebView(), policy, EWK_REPORT_ONLY);
59 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
63 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
64 if (main_result != utc_blink_ewk_base::Success)
67 utc_check_str_eq((const char*)title.c_str(), "FAIL");
71 * @brief Tests if there is possibility to eval inline script when content security policy is disabled.
73 TEST_F(utc_blink_ewk_view_content_security_policy_set, NEG_TEST)
75 ewk_view_content_security_policy_set(NULL, NULL, EWK_ENFORCE_POLICY);
77 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
81 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
82 if (main_result != utc_blink_ewk_base::Success)
85 utc_check_str_ne((const char*)title.c_str(), "PASS");