--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/report-uri-double-violated" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <icon src="icon.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <tizen:content-security-policy>script-src 'unsafe-inline';report-uri http://127.0.0.1:8080/opt/tct-ext02-wrt-tests/support/reportcspviolation.cgi</tizen:content-security-policy>
+ <name>report-uri-double-violated</name>
+ <tizen:application id="wrt2rud063.reportUriDoubleViolated" package="wrt2rud063" required_version="2.2"/>
+</widget>
--- /dev/null
+<!DOCTYPE html>
+<!--
+Copyright (c) 2012 Intel Corporation.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of works must retain the original copyright notice, this list
+ of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the original copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this work without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Authors:
+ Hao, Yunfei <yunfeix.hao@intel.com>
+
+-->
+
+<html>
+ <head>
+ <title>Test: report-uri-single-violated</title>
+ <link rel="author" title="Intel" href="http://www.intel.com" />
+ <link rel="help" href="http://www.w3.org/TR/2012/CR-CSP-20121115/#script-src" />
+ <meta name="flags" content="" />
+ <meta name="assert" content="script-src 'none'" />
+ <meta charset="utf-8" />
+ <script language="javascript" type="text/javascript">
+ function show_fail() {
+ if (5==eval("2+3")){
+ document.getElementById("log").innerHTML = "FAIL";
+ }
+ showtime();
+ }
+
+ function showtime(){
+ var now=new Date();
+ var year=now.getFullYear();
+ var month=now.getMonth()+1;
+ var day=now.getDate();
+ var hours=now.getHours();
+ var minutes=now.getMinutes();
+ var seconds=now.getSeconds();
+ time=year+'/'+month+'/'+day +'/'+hours+':'+minutes+':'+seconds;
+ var div1=document.getElementById('div1');
+ div1.innerHTML=time;
+ }
+ </script>
+ <script language="javascript" type="text/javascript" src="js/test.js"></script>
+ </head>
+ <body onload="show_fail()">
+ <p>1. Csp policy worked well if text "PASS" appears below.</p>
+ <div id="log">PASS</div>
+ <p>2. Log in this page at the time:.</p>
+ <div id="div1">PASS</div>
+ </body>
+</html>
--- /dev/null
+alert("FAIL");
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/report-uri-report-only-double-violated" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <icon src="icon.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <tizen:content-security-policy-report-only>script-src 'unsafe-inline';report-uri http://127.0.0.1:8080/opt/tct-ext02-wrt-tests/support/reportcspviolation.cgi</tizen:content-security-policy-report-only>
+ <name>report-uri-report-only-double-violated</name>
+ <tizen:application id="wrt2rur064.reportUriReportOnlyDoubleViolated" package="wrt2rur064" required_version="2.2"/>
+</widget>
--- /dev/null
+<!DOCTYPE html>
+<!--
+Copyright (c) 2012 Intel Corporation.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of works must retain the original copyright notice, this list
+ of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the original copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this work without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Authors:
+ Hao, Yunfei <yunfeix.hao@intel.com>
+
+-->
+
+<html>
+ <head>
+ <title>Test: report-uri-report-only-double-violated</title>
+ <link rel="author" title="Intel" href="http://www.intel.com" />
+ <link rel="help" href="http://www.w3.org/TR/2012/CR-CSP-20121115/#script-src" />
+ <meta name="flags" content="" />
+ <meta name="assert" content="script-src 'none'" />
+ <meta charset="utf-8" />
+ <script language="javascript" type="text/javascript">
+ function show_pass() {
+ if (5==eval("2+3")){
+ document.getElementById("log").innerHTML = "PASS";
+ }
+ showtime();
+ }
+
+ function showtime(){
+ var now=new Date();
+ var year=now.getFullYear();
+ var month=now.getMonth()+1;
+ var day=now.getDate();
+ var hours=now.getHours();
+ var minutes=now.getMinutes();
+ var seconds=now.getSeconds();
+ time=year+'/'+month+'/'+day +'/'+hours+':'+minutes+':'+seconds;
+ var div1=document.getElementById('div1');
+ div1.innerHTML=time;
+ }
+ </script>
+ <script language="javascript" type="text/javascript" src="js/test.js">
+ </script>
+ </head>
+ <body onload="show_pass()">
+ <p>1. A popup shows "PASS" on the screen.</p>
+ <p>2. Csp policy worked well if text "PASS" appears below.</p>
+ <div id="log">FAIL</div>
+ <p>3. Log in this page at the time:.</p>
+ <div id="div1"></div>
+ </body>
+</html>
--- /dev/null
+alert("PASS");
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/report-uri-report-only-single-violated" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <icon src="icon.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <tizen:content-security-policy-report-only>script-src 'unsafe-inline';report-uri http://127.0.0.1:8080/opt/tct-ext02-wrt-tests/support/reportcspviolation.cgi</tizen:content-security-policy-report-only>
+ <name>report-uri-report-only-single-violated</name>
+ <tizen:application id="wrt2rus062.reportUriReportOnlySingleViolated" package="wrt2rus062" required_version="2.2"/>
+</widget>
--- /dev/null
+<!DOCTYPE html>
+<!--
+Copyright (c) 2012 Intel Corporation.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of works must retain the original copyright notice, this list
+ of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the original copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this work without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Authors:
+ Hao, Yunfei <yunfeix.hao@intel.com>
+
+-->
+
+<html>
+ <head>
+ <title>Test: report-uri-report-only-single-violated</title>
+ <link rel="author" title="Intel" href="http://www.intel.com" />
+ <link rel="help" href="http://www.w3.org/TR/2012/CR-CSP-20121115/#script-src" />
+ <meta name="flags" content="" />
+ <meta name="assert" content="script-src 'none'" />
+ <meta charset="utf-8" />
+ <script language="javascript" type="text/javascript">
+ function show_pass() {
+ if (5==eval("2+3")){
+ document.getElementById("log").innerHTML = "PASS";
+ }
+ showtime();
+ }
+
+ function showtime(){
+ var now=new Date();
+ var year=now.getFullYear();
+ var month=now.getMonth()+1;
+ var day=now.getDate();
+ var hours=now.getHours();
+ var minutes=now.getMinutes();
+ var seconds=now.getSeconds();
+ time=year+'/'+month+'/'+day +'/'+hours+':'+minutes+':'+seconds;
+ var div1=document.getElementById('div1');
+ div1.innerHTML=time;
+ }
+ </script>
+ </head>
+ <body onload="show_pass()">
+ <p>1. Csp policy worked well if text "PASS" appears below.</p>
+ <div id="log">FAIL</div>
+ <p>2. Log in this page at the time:.</p>
+ <div id="div1"></div>
+ </body>
+</html>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/report-uri-single-violated" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <icon src="icon.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <tizen:content-security-policy>script-src 'unsafe-inline';report-uri http://127.0.0.1:8080/opt/tct-ext02-wrt-tests/support/reportcspviolation.cgi</tizen:content-security-policy>
+ <name>report-uri-single-violated</name>
+ <tizen:application id="wrt2rus061.reportUriSingleViolated" package="wrt2rus061" required_version="2.2"/>
+</widget>
--- /dev/null
+<!DOCTYPE html>
+<!--
+Copyright (c) 2012 Intel Corporation.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of works must retain the original copyright notice, this list
+ of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the original copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this work without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Authors:
+ Hao, Yunfei <yunfeix.hao@intel.com>
+
+-->
+
+<html>
+ <head>
+ <title>Test: report-uri-single-violated</title>
+ <link rel="author" title="Intel" href="http://www.intel.com" />
+ <link rel="help" href="http://www.w3.org/TR/2012/CR-CSP-20121115/#script-src" />
+ <meta name="flags" content="" />
+ <meta name="assert" content="script-src 'none'" />
+ <meta charset="utf-8" />
+ <script language="javascript" type="text/javascript">
+ function show_fail() {
+ if (5==eval("2+3")){
+ document.getElementById("log").innerHTML = "FAIL";
+ }
+ showtime();
+ }
+
+ function showtime(){
+ var now=new Date();
+ var year=now.getFullYear();
+ var month=now.getMonth()+1;
+ var day=now.getDate();
+ var hours=now.getHours();
+ var minutes=now.getMinutes();
+ var seconds=now.getSeconds();
+ time=year+'/'+month+'/'+day +'/'+hours+':'+minutes+':'+seconds;
+ var div1=document.getElementById('div1');
+ div1.innerHTML=time;
+ }
+ </script>
+ </head>
+ <body onload="show_fail()">
+ <p>1. Csp policy worked well if text "PASS" appears below.</p>
+ <div id="log">PASS</div>
+ <p>2. Log in this page at the time:.</p>
+ <div id="div1">PASS</div>
+ </body>
+</html>
--- /dev/null
+#!/usr/bin/env python
+import time
+import os
+print 'Content-Type: text/html\n\n'
+while True:
+ i = raw_input()
+ if i is None:
+ break
+ if str(i).strip()=='':
+ break
+ n = 1
+ if os.path.isfile('/tmp/csp-report.log'):
+ file_object_num = open('/tmp/csp-report.log','r')
+ for line in file_object_num:
+ if str(line).find("Time:") >= 0:
+ n = n+1
+ file_object_num.close( )
+ file_object = open('/tmp/csp-report.log', 'a')
+ file_object.write('\n %d Time:' %n)
+ file_object.write( time.strftime(' %Y-%m-%d %H:%M:%S',time.localtime(time.time())))
+ file_object.write('\n')
+ file_object.write(' Data:')
+ file_object.write(i)
+ file_object.write('\n')
+ file_object.close( )
+ print i
</spec>
</specs>
</testcase>
+ <testcase purpose="Check if report-uri can post one violation message to cgi correctly when csp policy is content-security-policy ." status="approved" component="Web/Runtime/ConfigExtension" execution_type="manual" priority="P2" id="report-uri-single-violated">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-ext02-wrt-tests/report-uri-single-violated.wgt.</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install the widget with the command :wrt-installer -i /opt/tct-ext02-wrt-tests/report-uri-single-violated.wgt</step_desc>
+ <expected>The widget application is installed successfully.</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of report-uri-single-violated.wgt with the command :"wrt-launcher -l" and launch the report-uri-single-violated.wgt with the command :"wrt-launcher -s 'application id'"</step_desc>
+ <expected>A "PASS" is displayed under the words '1.Csp policy worked well if text "PASS" appears below.'.</expected>
+ </step>
+ <step order="3">
+ <step_desc>Notice the log in time on the screen, and open log file with the command: cat /tmp/csp-report.log</step_desc>
+ <expected>At the end of the file, the last record's "Time" is the same as the "log in" time. </expected>
+ </step>
+ </steps>
+ <test_script_entry test_script_expected_result="0"></test_script_entry>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0241" specification="Configuration extension" section="Widget Configuration Extensions" category="Tizen WRT Core Specifications"/>
+ <spec_url></spec_url>
+ <spec_statement>TBD</spec_statement>
+ </spec>
+ </specs>
+ </testcase>
+ <testcase purpose="Check if report-uri can post one violation message to cgi correctly when csp policy is content-security-policy-report-only ." status="approved" component="Web/Runtime/ConfigExtension" execution_type="manual" priority="P2" id="report-uri-report-only-single-violated">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-ext02-wrt-tests/report-uri-report-only-single-violated.wgt.</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install the widget with the command :wrt-installer -i /opt/tct-ext02-wrt-tests/report-uri-report-only-single-violated.wgt</step_desc>
+ <expected>The widget application is installed successfully.</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of report-uri-report-only-single-violated.wgt with the command :"wrt-launcher -l" and launch the report-uri-report-only-single-violated.wgt with the command :"wrt-launcher -s 'application id'"</step_desc>
+ <expected>A "PASS" is displayed under the words '1.Csp policy worked well if text "PASS" appears below.'.</expected>
+ </step>
+ <step order="3">
+ <step_desc>Notice the log in time on the screen, and open log file with the command: cat /tmp/csp-report.log</step_desc>
+ <expected>At the end of the file, the last record's "Time" is the same as the "log in" time. </expected>
+ </step>
+ </steps>
+ <test_script_entry test_script_expected_result="0"></test_script_entry>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0241" specification="Configuration extension" section="Widget Configuration Extensions" category="Tizen WRT Core Specifications"/>
+ <spec_url></spec_url>
+ <spec_statement>TBD</spec_statement>
+ </spec>
+ </specs>
+ </testcase>
+ <testcase purpose="Check if report-uri can post double violation message to cgi correctly when csp policy is content-security-policy ." status="approved" component="Web/Runtime/ConfigExtension" execution_type="manual" priority="P2" id="report-uri-double-violated">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-ext02-wrt-tests/report-uri-double-violated.wgt.</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install the widget with the command :wrt-installer -i /opt/tct-ext02-wrt-tests/report-uri-double-violated.wgt</step_desc>
+ <expected>The widget application is installed successfully.</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of report-uri-double-violated.wgt with the command :"wrt-launcher -l" and launch the report-uri-double-violated.wgt with the command :"wrt-launcher -s 'application id'"</step_desc>
+ <expected>A "PASS" is displayed under the words '1.Csp policy worked well if text "PASS" appears below.'.</expected>
+ </step>
+ <step order="3">
+ <step_desc>Notice the log in time on the screen, and open log file with the command: cat /tmp/csp-report.log</step_desc>
+ <expected>At the end of the file, the last two records' "Time" are the same as the "log in" time. </expected>
+ </step>
+ </steps>
+ <test_script_entry test_script_expected_result="0"></test_script_entry>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0241" specification="Configuration extension" section="Widget Configuration Extensions" category="Tizen WRT Core Specifications"/>
+ <spec_url></spec_url>
+ <spec_statement>TBD</spec_statement>
+ </spec>
+ </specs>
+ </testcase>
+ <testcase purpose="Check if report-uri can post double violation message to cgi correctly when csp policy is content-security-policy-report-only ." status="approved" component="Web/Runtime/ConfigExtension" execution_type="manual" priority="P2" id="report-uri-report-only-double-violated">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-ext02-wrt-tests/report-uri-report-only-double-violated.wgt.</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install the widget with the command :wrt-installer -i /opt/tct-ext02-wrt-tests/report-uri-report-only-double-violated.wgt</step_desc>
+ <expected>The widget application is installed successfully.</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of report-uri-report-only-double-violated.wgt with the command :"wrt-launcher -l" and launch the report-uri-report-only-double-violated.wgt with the command :"wrt-launcher -s 'application id'"</step_desc>
+ <expected>A popup with "PASS" displayed on the screen.</expected>
+ </step>
+ <step order="3">
+ <step_desc>Click "OK" button on the popup</step_desc>
+ <expected>A "PASS" is displayed under the words '2.Csp policy worked well if text "PASS" appears below.'.</expected>
+ </step>
+ <step order="4">
+ <step_desc>Notice the log in time on the screen, and open log file with the command: cat /tmp/csp-report.log</step_desc>
+ <expected>At the end of the file, the last two records' "Time" are the same as the "log in" time. </expected>
+ </step>
+ </steps>
+ <test_script_entry test_script_expected_result="0"></test_script_entry>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0241" specification="Configuration extension" section="Widget Configuration Extensions" category="Tizen WRT Core Specifications"/>
+ <spec_url></spec_url>
+ <spec_statement>TBD</spec_statement>
+ </spec>
+ </specs>
+ </testcase>
</set>
</suite>
</test_definition>
projects / test / tct / web / wrt.git / commitdiff
