1 // Copyright 2014 Samsung Electronics. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #define SAMPLE_CONTENT_SECURITY_POLICY "ewk_view/sample_content_security_policy.html"
7 #include "utc_blink_ewk_base.h"
9 const char* policy = "default-src 'self';";
11 class utc_blink_ewk_view_content_security_policy_set : public utc_blink_ewk_base {
15 void LoadFinished(Evas_Object* webview) {
17 ecore_timer_add(2, getTitle, this);
20 static Eina_Bool getTitle(void *data)
23 utc_blink_ewk_view_content_security_policy_set* owner = static_cast<utc_blink_ewk_view_content_security_policy_set*>(data);
25 owner->title = ewk_view_title_get(owner->GetEwkWebView());
27 owner->EventLoopStop(utc_blink_ewk_base::Success);
34 * @brief Tests if it isn't possible to eval inline script when content security policy is set
35 * and enforce policy header is set.
37 TEST_F(utc_blink_ewk_view_content_security_policy_set, POS_TEST)
39 ewk_view_content_security_policy_set(GetEwkWebView(), policy, EWK_ENFORCE_POLICY);
41 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
45 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
46 if (main_result != utc_blink_ewk_base::Success)
49 utc_check_str_eq((const char*)title.c_str(), "PASS");
53 * @brief Tests if there is possibility to eval inline script when content security policy
54 * and report only policy header is set.
56 TEST_F(utc_blink_ewk_view_content_security_policy_set, POS_TEST2)
58 ewk_view_content_security_policy_set(GetEwkWebView(), policy, EWK_REPORT_ONLY);
60 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
64 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
65 if (main_result != utc_blink_ewk_base::Success)
68 utc_check_str_eq((const char*)title.c_str(), "FAIL");
72 * @brief Tests if there is possibility to eval inline script when content security policy is disabled.
74 TEST_F(utc_blink_ewk_view_content_security_policy_set, NEG_TEST)
76 ewk_view_content_security_policy_set(NULL, NULL, EWK_ENFORCE_POLICY);
78 Eina_Bool result = ewk_view_url_set(GetEwkWebView(), GetResourceUrl(SAMPLE_CONTENT_SECURITY_POLICY).c_str());
82 utc_blink_ewk_base::MainLoopResult main_result = EventLoopStart();
83 if (main_result != utc_blink_ewk_base::Success)
86 utc_check_str_ne((const char*)title.c_str(), "PASS");