--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/config-default-header-null" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <tizen:content-security-policy></tizen:content-security-policy>
+ <icon src="custom.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <name>config-default-header-null</name>
+ <tizen:application id="wrt5cdh102.configDefaultHeaderNull" package="wrt5cdh102" required_version="2.2"/>
+</widget>
--- /dev/null
+<!DOCTYPE html>
+<!--
+Copyright (c) 2012 Intel Corporation.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+* Redistributions of works must retain the original copyright notice, this list
+ of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the original copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of Intel Corporation nor the names of its contributors
+ may be used to endorse or promote products derived from this work without
+ specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Authors:
+ Hao, Yunfei <yunfeix.hao@intel.com>
+
+-->
+
+<html>
+ <head>
+ <title>WRT Test: config-normal-header-null</title>
+ <link rel="author" title="Intel" href="http://www.intel.com" />
+ <link rel="help" href="" />
+ <meta name="flags" content="" />
+ <meta name="assert" content="Check that user agent is able to use internal font resource when font-src is self." />
+ <meta charset="utf-8">
+ <style>
+ @font-face {
+ font-family: Canvas;
+ src: url("w3c/support/CanvasTest.ttf");
+ }
+ #test {
+ font-family: Canvas;
+ }
+ @font-face {
+ font-family: Canvas1;
+ src: url("http://127.0.0.1:8081/opt/tct-ext02-wrt-tests/w3c/support/CanvasTest.ttf");
+ }
+ #test1 {
+ font-family: Canvas1;
+ }
+ </style>
+ <script language="javascript" type="text/javascript" src="pass.js">
+ </script>
+ </head>
+ <body onload="show_fail()">
+ <p style="color:blue">One:Test passes if the two lines are different in font</p>
+ <div id="test">1234 ABCD</div>
+ <div>1234 ABCD</div>
+ <p style="color:blue">Two:Test passes if the two lines are same in font</p>
+ <div id="test1">1234 ABCD</div>
+ <div>1234 ABCD</div>
+ <p style="color:blue">Three:Test passes if text "PASS" appears below.</p>
+ <div id="log">FAIL</div>
+ </body>
+</html>
--- /dev/null
+function show_fail() {
+ document.getElementById("log").innerHTML = "PASS";
+}
+
--- /dev/null
+CanvasTest.ttf comes from
+http://w3c-test.org/html/tests/approved/fonts/CanvasTest.ttf
+without any modification.
+
+These tests are copyright by W3C and/or the author listed in the test
+file. The tests are dual-licensed under the W3C Test Suite License:
+http://www.w3.org/Consortium/Legal/2008/04-testsuite-license
+and the BSD 3-clause License:
+http://www.w3.org/Consortium/Legal/2008/03-bsd-license
+under W3C's test suite licensing policy:
+http://www.w3.org/Consortium/Legal/2008/04-testsuite-copyright
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<widget id="http://tizen.org/config-normal-header-null" xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets">
+ <tizen:content-security-policy>font-src 'self'</tizen:content-security-policy>
+ <icon src="custom.png" height="123" width="123"/>
+ <content src="index.html"/>
+ <name>config-normal-header-null</name>
+ <tizen:application id="wrt5cnh101.configNormalHeaderNull" package="wrt5cnh101" required_version="2.2"/>
+</widget>
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Authors:
- yunfeix.hao <yunfeix.hao@intel.com>
+ Hao, Yunfei <yunfeix.hao@intel.com>
-->
<html>
<head>
- <title>WRT Test: enforce-csp-to-resource</title>
+ <title>WRT Test: config-normal-header-null</title>
<link rel="author" title="Intel" href="http://www.intel.com" />
- <link rel="help" href="http://www.w3.org/TR/CSP" />
+ <link rel="help" href="" />
<meta name="flags" content="" />
- <meta name="assert" content="Check WRT MUST enforce CSP policy to a main resource if the WRT is in CSP-based security mode." />
+ <meta name="assert" content="Check that user agent is able to use internal font resource when font-src is self." />
<meta charset="utf-8">
- <style>body{ background:red }</style>
- </head>
- <body onload="test()" id="body">
- <h1 id="verdict">FAIL</h1>
- <p id="reason">Test did not run.</p>
- <script src="support/csp.js"></script>
+ <style>
+ @font-face {
+ font-family: Canvas;
+ src: url("w3c/support/CanvasTest.ttf");
+ }
+ #test {
+ font-family: Canvas;
+ }
+ @font-face {
+ font-family: Canvas1;
+ src: url("http://127.0.0.1:8081/opt/tct-ext02-wrt-tests/w3c/support/CanvasTest.ttf");
+ }
+ #test1 {
+ font-family: Canvas1;
+ }
+ </style>
<script language="javascript" type="text/javascript">
- var id = "enforce-csp-to-resource";
- var reason = document.getElementById("reason");
- var body = document.getElementById("body");
- var verdict = document.getElementById("verdict");
-
- /* Called if the test passed */
- function pass(excuse) {
- body.style.backgroundColor = "green";
- verdict.innerHTML = "PASS";
- reason.innerHTML = excuse;
- }
-
- /* Called if the test failed */
- function fail(excuse) {
- reason.innerHTML = excuse;
- }
-
- /*Called to perform the test */
- function test() {
- try {
- var xhr = new XMLHttpRequest();
- xhr.open("GET", "support/csp.js");
- why = "Test "+ id +" passed because WRT MUST enforce CSP policy to a main resource if the WRT is in CSP-based security mode.";
- pass(why);
- } catch(e) {
- why = "Test "+ id +" failed by throwing the following exception: " + e;
- fail(why);
+ function show_fail() {
+ document.getElementById("log").innerHTML = "FAIL";
}
- }
</script>
- </body>
+ </head>
+ <body onload="show_fail()">
+ <p style="color:blue">One:Test passes if the two lines are different in font</p>
+ <div id="test">1234 ABCD</div>
+ <div>1234 ABCD</div>
+ <p style="color:blue">Two:Test passes if the two lines are same in font</p>
+ <div id="test1">1234 ABCD</div>
+ <div>1234 ABCD</div>
+ <p style="color:blue">Three:Test passes if text "PASS" appears below.</p>
+ <div id="log">PASS</div>
+ </body>
</html>
--- /dev/null
+CanvasTest.ttf comes from
+http://w3c-test.org/html/tests/approved/fonts/CanvasTest.ttf
+without any modification.
+
+These tests are copyright by W3C and/or the author listed in the test
+file. The tests are dual-licensed under the W3C Test Suite License:
+http://www.w3.org/Consortium/Legal/2008/04-testsuite-license
+and the BSD 3-clause License:
+http://www.w3.org/Consortium/Legal/2008/03-bsd-license
+under W3C's test suite licensing policy:
+http://www.w3.org/Consortium/Legal/2008/04-testsuite-copyright
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<widget xmlns="http://www.w3.org/ns/widgets" xmlns:tizen="http://tizen.org/ns/widgets" id="http://tizen.org/enforce-csp-to-resource" version="1.0.0" viewmodes="maximized">
- <tizen:content-security-policy>connect-src *</tizen:content-security-policy>
- <tizen:application id="wrt8ect001.EnforceCspToResource" package="wrt8ect001" required_version="2.2"/>
- <content src="index.html"/>
- <icon src="custom.png"/>
- <name>enforce-csp-to-resource</name>
- <tizen:setting install-location="auto"/>
-</widget>
+++ /dev/null
-/*
-Copyright (c) 2013 Intel Corporation.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
-* Redistributions of works must retain the original copyright notice, this list
- of conditions and the following disclaimer.
-* Redistributions in binary form must reproduce the original copyright notice,
- this list of conditions and the following disclaimer in the documentation
- and/or other materials provided with the distribution.
-* Neither the name of Intel Corporation nor the names of its contributors
- may be used to endorse or promote products derived from this work without
- specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-Authors:
- Zhang, Zhiqiang <zhiqiang.zhang@intel.com>
-
-*/
-
-var X = 10;
-var Y = eval(X + 17);
\ No newline at end of file
</spec>
</specs>
</testcase>
- <testcase purpose="Check that WRT MUST enforce CSP policy to a main resource if the WRT is in CSP-based security mode." type="user_experience" status="approved" component="Web/Runtime/SecurityPrivacy" execution_type="manual" priority="P1" id="enforce-csp-to-resource">
- <description>
- <pre_condition>Make sure enforce-csp-to-resource.wgt is installed with the command : wrt-installer -i /opt/tct-sp02-wrt-tests/enforce-csp-to-resource.wgt</pre_condition>
- <post_condition>Get the 'application id' of enforce-csp-to-resource.wgt with the command : wrt-launcher -l, then uninstall the enforce-csp-to-resource.wgt with the command : wrt-installer -un 'application id'</post_condition>
- <steps>
- <step order="1">
- <step_desc>Install enforce-csp-to-resource.wgt application with the command : wrt-installer -i /opt/tct-sp02-wrt-tests/enforce-csp-to-resource.wgt</step_desc>
- <expected>Widget application is able to be installed successfully</expected>
- </step>
- <step order="2">
- <step_desc>Get the 'application id' of enforce-csp-to-resource.wgt with the command :"wrt-launcher -l" and launch the enforce-csp-to-resource.wgt with the command :"wrt-launcher -s 'application id'".</step_desc>
- <expected>The screen shows "PASS" on green background.</expected>
- </step>
- </steps>
- <test_script_entry timeout="90">/opt/tct-sp02-wrt-tests/enforce-csp-to-resource.wgt</test_script_entry>
- <notes></notes>
- </description>
- <specs>
- <spec>
- <spec_assertion element_type="attribute" element_name="N/A" interface="0740" specification="Content Security Policy" section="Web Application Security and Privacy" category="Tizen WRT Core Specifications"></spec_assertion>
- <spec_url></spec_url>
- <spec_statement></spec_statement>
- </spec>
- </specs>
- </testcase>
<testcase purpose="Check that WRT MUST enforce CSP policy in content-security-policy tag in config.xml." type="user_experience" status="approved" component="Web/Runtime/SecurityPrivacy" execution_type="manual" priority="P1" id="config-xml-with-csp">
<description>
<pre_condition>Make sure config-xml-with-csp.wgt is installed with the command : wrt-installer -i /opt/tct-sp02-wrt-tests/config-xml-with-csp.wgt</pre_condition>
</spec>
</specs>
</testcase>
+ <testcase purpose="Check if the configuration-based CSP policy will be enforced and the default CSP policy will be ignored when CSP policy is present in config.xml." type="user_experience" status="approved" component="Web/Runtime/SecurityPrivacy" execution_type="manual" priority="P1" id="config-normal-header-null">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-sp02-wrt-tests/config-normal-header-null.wgt</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install /opt/tct-sp02-wrt-tests/config-normal-header-null.wgt application with the command : wrt-installer -i /opt/tct-sp02-wrt-tests/config-normal-header-null.wgt</step_desc>
+ <expected>Widget application is able to be installed successfully</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of config-normal-header-null.wgt with the command :"wrt-launcher -l" and launch the config-normal-header-null.wgt with the command :"wrt-launcher -s 'application id'".</step_desc>
+ <expected>For Test One, two lines are different in font; For Test Two, two lines are same in font;For Test Three, a "PASS" shows on the screen.</expected>
+ </step>
+ </steps>
+ <test_script_entry timeout="90">/opt/tct-sp02-wrt-tests/config-normal-header-null.wgt</test_script_entry>
+ <notes></notes>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0743" specification="Content Security Policy" section="Web Application Security and Privacy" category="Tizen WRT Core Specifications"></spec_assertion>
+ <spec_url></spec_url>
+ <spec_statement></spec_statement>
+ </spec>
+ </specs>
+ </testcase>
+ <testcase purpose="Check if the default CSP policy will be enforced when CSP policy is not present in config.xml." type="user_experience" status="approved" component="Web/Runtime/SecurityPrivacy" execution_type="manual" priority="P1" id="config-default-header-null">
+ <description>
+ <pre_condition></pre_condition>
+ <post_condition>Uninstall the widget with the command: wrt-installer -up /opt/tct-sp02-wrt-tests/config-default-header-null.wgt</post_condition>
+ <steps>
+ <step order="1">
+ <step_desc>Install /opt/tct-sp02-wrt-tests/config-default-header-null.wgt application with the command : wrt-installer -i /opt/tct-sp02-wrt-tests/config-default-header-null.wgt</step_desc>
+ <expected>Widget application is able to be installed successfully</expected>
+ </step>
+ <step order="2">
+ <step_desc>Get the 'application id' of config-default-header-null.wgt with the command :"wrt-launcher -l" and launch the config-default-header-null.wgt with the command :"wrt-launcher -s 'application id'".</step_desc>
+ <expected>For Test One, two lines are different in font; For Test Two, two lines are same in font;For Test Three, a "PASS" shows on the screen.</expected>
+ </step>
+ </steps>
+ <test_script_entry timeout="90">/opt/tct-sp02-wrt-tests/config-default-header-null.wgt</test_script_entry>
+ <notes></notes>
+ </description>
+ <specs>
+ <spec>
+ <spec_assertion element_type="attribute" element_name="N/A" interface="0743" specification="Content Security Policy" section="Web Application Security and Privacy" category="Tizen WRT Core Specifications"></spec_assertion>
+ <spec_url></spec_url>
+ <spec_statement></spec_statement>
+ </spec>
+ </specs>
+ </testcase>
</set>
</suite>
</test_definition>