-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2 from JackuB/JackuB/replace-cloneNode
Replace clone node and introduce tests
- Loading branch information
Showing
20 changed files
with
4,569 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
; EditorConfig file: http://EditorConfig.org | ||
; Install the "EditorConfig" plugin into your editor to use | ||
|
||
root = true | ||
|
||
[*] | ||
charset = utf-8 | ||
insert_final_newline = true | ||
indent_style = space | ||
indent_size = 2 | ||
trim_trailing_whitespace = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,3 +20,6 @@ jspm_packages/ | |
|
||
# dotenv environment variables file | ||
.env | ||
cypress/videos | ||
cypress/plugins | ||
cypress/support |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,3 +3,5 @@ index.html | |
markdown.css | ||
prism.js | ||
sri-issue-chrome.jpg | ||
cypress | ||
docs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
{ | ||
"baseUrl": "http://localhost:8080/cypress/fixtures" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
document.body.innerText = 'Compromised script loaded'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
document.body.innerText = 'Fallback script loaded'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
document.body.innerText = 'First script loaded'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script src="original.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script> | ||
window.resourceLoadError = function(err, isRetry) { | ||
if (isRetry) { | ||
return document.body.innerText = 'resourceLoadError - Loading original and fallback failed'; | ||
} | ||
return document.body.innerText = 'resourceLoadError - Loading original failed'; | ||
} | ||
</script> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script | ||
integrity="sha384-OrJIrkeihvBqc462zAEWV6zORyz5ndLEcrgV7E9AGgfWHIQmDY3LOuW6gNdp0BnT" | ||
data-sri-fallback="fallback.js" | ||
src="original.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script> | ||
window.resourceLoadError = function(err, isRetry) { | ||
if (isRetry) { | ||
return document.body.innerText = 'resourceLoadError - Loading original and fallback failed'; | ||
} | ||
return document.body.innerText = 'resourceLoadError - Loading original failed'; | ||
} | ||
</script> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script | ||
integrity="sha384-P1xTGaIgVabFWRf0XeD0lA31UGgVPqAkqplIiwzgGvJrEGwODrAihG41Uq+K5XE3" | ||
data-sri-fallback="fallback.js" | ||
src="original.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script> | ||
window.resourceLoadError = function(err, isRetry) { | ||
if (isRetry) { | ||
return document.body.innerText = 'resourceLoadError - Loading original and fallback failed'; | ||
} | ||
return document.body.innerText = 'resourceLoadError - Loading original failed'; | ||
} | ||
</script> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script | ||
integrity="sha384-NOPErJIrkeihvBqc462zAEWV6zORyz5ndLEcrgV7E9AGgfWHIQmDY3LOuW6gNdp0BnT" | ||
data-sri-fallback="fallback.js" | ||
src="original.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script> | ||
window.resourceLoadError = function(err, isRetry) { | ||
if (isRetry) { | ||
return document.body.innerText = 'resourceLoadError - Loading original and fallback failed'; | ||
} | ||
return document.body.innerText = 'resourceLoadError - Loading original failed'; | ||
} | ||
</script> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script | ||
integrity="sha384-P1xTGaIgVabFWRf0XeD0lA31UGgVPqAkqplIiwzgGvJrEGwODrAihG41Uq+K5XE3" | ||
src="compromised.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
<head> | ||
<meta charset="UTF-8"> | ||
<meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> | ||
<title>SRI test page</title> | ||
<script> | ||
window.resourceLoadError = function(err, isRetry) { | ||
if (isRetry) { | ||
return document.body.innerText = 'resourceLoadError - Loading original and fallback failed'; | ||
} | ||
return document.body.innerText = 'resourceLoadError - Loading original failed'; | ||
} | ||
</script> | ||
<script src="../../dist/sri.min.js"></script> | ||
</head> | ||
<body> | ||
Hello world | ||
</body> | ||
<script | ||
integrity="sha384-OrJIrkeihvBqc462zAEWV6zORyz5ndLEcrgV7E9AGgfWHIQmDY3LOuW6gNdp0BnT" | ||
src="original.js"></script> | ||
<script | ||
integrity="sha384-P1xTGaIgVabFWRf0XeD0lA31UGgVPqAkqplIiwzgGvJrEGwODrAihG41Uq+K5XE3" | ||
src="compromised.js"></script> | ||
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
/* | ||
Scenarios | ||
- fail SRI on first script and load fallback without SRI | ||
*/ | ||
|
||
describe('Plain JS', function() { | ||
it('successfully loads original script', function() { | ||
cy.visit('scenario-1.html'); | ||
cy.contains('body', 'First script loaded'); | ||
}); | ||
}); | ||
|
||
describe('JS with valid SRI', function() { | ||
it('successfully loads original script', function() { | ||
cy.visit('scenario-2.html'); | ||
cy.contains('body', 'First script loaded'); | ||
}); | ||
}); | ||
|
||
describe('JS with invalid SRI, but valid fallback', function() { | ||
it('fails to load original script', function() { | ||
cy.visit('scenario-3.html'); | ||
cy.get('body').should('not.contain', 'First script loaded'); | ||
}); | ||
|
||
it('loads the fallback script', function() { | ||
cy.contains('body', 'Fallback script loaded'); | ||
}); | ||
|
||
it('does not execute the resourceLoadError callback', function() { | ||
cy.get('body').should('not.contain', 'resourceLoadError'); | ||
}); | ||
}); | ||
|
||
describe('JS with invalid SRI and fallback (invalid hash)', function() { | ||
it('fails to load original script', function() { | ||
cy.visit('scenario-4.html'); | ||
cy.get('body').should('not.contain', 'First script loaded'); | ||
}); | ||
|
||
it('fails to load the fallback script', function() { | ||
cy.get('body').should('not.contain', 'Fallback script loaded'); | ||
}); | ||
|
||
it('executes the resourceLoadError callback', function() { | ||
cy.contains('body', 'resourceLoadError'); | ||
cy.contains('body', 'Loading original and fallback failed'); | ||
}); | ||
}); | ||
|
||
describe('JS with invalid SRI (compromised file)', function() { | ||
it('fails to load original script', function() { | ||
cy.visit('scenario-5.html'); | ||
cy.get('body').should('not.contain', 'First script loaded'); | ||
}); | ||
|
||
it('executes the resourceLoadError callback', function() { | ||
cy.contains('body', 'resourceLoadError'); | ||
cy.contains('body', 'Loading original failed'); | ||
}); | ||
}); | ||
|
||
describe('Multiple JS files with SRI, one is compromised', function() { | ||
it('fails to load original script', function() { | ||
cy.visit('scenario-5.html'); | ||
cy.get('body').should('not.contain', 'First script loaded'); | ||
}); | ||
|
||
it('executes the resourceLoadError callback', function() { | ||
cy.contains('body', 'resourceLoadError'); | ||
cy.contains('body', 'Loading original failed'); | ||
}); | ||
}); |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.