Changeset 197972 in webkit

Timestamp:

Mar 10, 2016 4:45:13 PM (8 years ago)

Author:

dbates@webkit.org

Message:

CSP: Implement frame-ancestors directive
​https://bugs.webkit.org/show_bug.cgi?id=154345
<rdar://problem/24702161>

Reviewed by Brent Fulgham.

Source/WebCore:

Add support for the Content Security Policy directive frame-ancestors per the Content Security
Policy 2.0 spec., <​https://www.w3.org/TR/2015/CR-CSP2-20150721/>.

Tests: http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored.html

http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored.html
http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html
http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html
http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html
http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied): Extracted from DocumentLoader::responseReceived().
(WebCore::DocumentLoader::responseReceived): Extracted logic to cancel a load and dispatch a DOM Load
event at the frame owner into DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
Make use of this function when loading of the frame is blocked by either the Content Security Policy or
the X-Frame-Option policy. We explicitly instantiate a ContentSecurityPolicy object with a SecurityOrigin
and Frame instead of using ScriptExecutionContext m_frame->document() because m_frame->document() is not
in a stable state (for instance, Document::m_url has not been initialized) as we are in the process of
loading the underlying document data for it.

• loader/DocumentLoader.h:
• loader/FrameLoader.cpp:

(WebCore::FrameLoader::didBeginDocument): Pass ContentSecurityPolicy::ReportParsingErrors::No to silence
errors raised when parsing the Content Security Policy headers to avoid duplicate error messages. Any
parsing errors would have been raised when we parsed the Content Security Policy in DocumentLoader.

• page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take an optional pointer to a Frame (defaults
to nullptr). The specified Frame is used to support emitting console messages for violations/syntax errors and
send violation reports. We make use of this constructor variant in DocumentLoader to support emitting console
message and sending violation reports in the context of DocumentLoader where its associated Document is not in a
stable state and making use of a Frame seems less error prone.
(WebCore::ContentSecurityPolicy::didReceiveHeaders): Modified to take argument reportParsingErrors as
to whether to silence parsing errors when parsing the specified headers.
(WebCore::isAllowedByAllWithFrame): Helper function to query a ContentSecurityPolicyDirectiveList function
passing a Frame and URL for each Content Security Policy.
(WebCore::ContentSecurityPolicy::allowFrameAncestors): Calls WebCore::isAllowedByAllWithFrame().
(WebCore::ContentSecurityPolicy::reportViolation): Modified to support sending a violation report when
we have a Frame and no ScriptExecutionContext (such as when we are instantiated in DocumentLoader).
Additionally, we only will send a report if reporting is enabled (i.e. ContentSecurityPolicy::m_isReportingEnabled == true).
(WebCore::ContentSecurityPolicy::logToConsole): Modified to support logging a message to the console
we have a Frame and no ScriptExecutionContext. We also only allow logging if reporting is enabled.

• page/csp/ContentSecurityPolicy.h:
• page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::checkFrameAncestors): Added.
(WebCore::ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation): Added.
(WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Added.
(WebCore::ContentSecurityPolicyDirectiveList::parse): Ignore the directive frame-ancestors when defined
in a policy given in an HTML meta element and report such use as invalid.
(WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the directive frame-ancestors.

• page/csp/ContentSecurityPolicyDirectiveList.h:
• page/csp/ContentSecurityPolicyResponseHeaders.h: Mark constructor "explicit".

LayoutTests:

Adds new tests to ensure we ignore directive frame-ancestors when defined a policy delivered
in an HTML meta element or in a report-only policy (i.e. delivered via HTTP header Content-
Security-Policy-Report-Only). Also adds new test to ensure that we send a violation report
when the directive frame-ancestors is violated.

Updated many existing tests and test results that unnecessarily depended on a DOM SecurityError
exception being thrown when accessing the content of a cross-origin frame. It is sufficient
and more direct to test directive frame-ancestors by dumping the contents of all children frames
on the page. We design the tests such that a child frame that was blocked by the frame-ancestors
directive is expected to have no content. A child frame that was allowed by the frame-ancestors
directive is expected to have content.

• TestExpectations: Mark frame-ancestors tests as PASS so that we run them.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block-expected.txt:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block.html:
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https-expected.txt: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html: Added.
• http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html: Added.
• http/tests/security/contentSecurityPolicy/resources/echo-intertag.pl: Added.
• http/tests/security/contentSecurityPolicy/resources/frame-ancestors-test.js:

(done): Added.
(injectIFrame): Modified to make use of handleFrameEvent().
(handleFrameEvent): Added.
(iframeLoaded): Deleted.

• http/tests/security/contentSecurityPolicy/resources/frame-in-frame.pl:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/TestExpectations (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow-expected.txt (modified) (2 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https-expected.txt (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/resources/echo-intertag.pl (added)
• LayoutTests/http/tests/security/contentSecurityPolicy/resources/frame-ancestors-test.js (modified) (3 diffs)
• LayoutTests/http/tests/security/contentSecurityPolicy/resources/frame-in-frame.pl (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/DocumentLoader.cpp (modified) (3 diffs)
• Source/WebCore/loader/DocumentLoader.h (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (1 diff)
• Source/WebCore/page/csp/ContentSecurityPolicy.cpp (modified) (7 diffs)
• Source/WebCore/page/csp/ContentSecurityPolicy.h (modified) (5 diffs)
• Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp (modified) (7 diffs)
• Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h (modified) (3 diffs)
• Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2016-03-10  Daniel Bates  <dabates@apple.com>
+
+        CSP: Implement frame-ancestors directive
+        https://bugs.webkit.org/show_bug.cgi?id=154345
+        <rdar://problem/24702161>
+
+        Reviewed by Brent Fulgham.
+
+        Adds new tests to ensure we ignore directive frame-ancestors when defined a policy delivered
+        in an HTML meta element or in a report-only policy (i.e. delivered via HTTP header Content-
+        Security-Policy-Report-Only). Also adds new test to ensure that we send a violation report
+        when the directive frame-ancestors is violated.
+
+        Updated many existing tests and test results that unnecessarily depended on a DOM SecurityError
+        exception being thrown when accessing the content of a cross-origin frame. It is sufficient
+        and more direct to test directive frame-ancestors by dumping the contents of all children frames
+        on the page. We design the tests such that a child frame that was blocked by the frame-ancestors
+        directive is expected to have no content. A child frame that was allowed by the frame-ancestors
+        directive is expected to have content.
+
+        * TestExpectations: Mark frame-ancestors tests as PASS so that we run them.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block-expected.txt:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block.html:
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https-expected.txt: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html: Added.
+        * http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html: Added.
+        * http/tests/security/contentSecurityPolicy/resources/echo-intertag.pl: Added.
+        * http/tests/security/contentSecurityPolicy/resources/frame-ancestors-test.js:
+        (done): Added.
+        (injectIFrame): Modified to make use of handleFrameEvent().
+        (handleFrameEvent): Added.
+        (iframeLoaded): Deleted.
+        * http/tests/security/contentSecurityPolicy/resources/frame-in-frame.pl:
+
 2016-03-10  Andy VanWagoner  <andy@instructure.com>
 

trunk/LayoutTests/TestExpectations

@@ -809 +809 @@
 webkit.org/b/85558 http/tests/security/contentSecurityPolicy/1.1
 http/tests/security/contentSecurityPolicy/1.1/child-src [ Pass ]
+http/tests/security/contentSecurityPolicy/1.1/frame-ancestors [ Pass ]
 http/tests/security/contentSecurityPolicy/1.1/form-action-src-allowed.html [ Pass ]
 http/tests/security/contentSecurityPolicy/1.1/form-action-src-blocked.html [ Pass ]

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27none%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
-A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='none'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "'none'" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.");
-
-        testNestedIFrame("'none'", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+testNestedIFrame("'none'", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
-A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='self'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "'self'" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.");
-
-        testNestedIFrame("'self'", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'self'", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=*'.
-A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.
+A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a cross-origin child with a policy of "*" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.");
-
-        testNestedIFrame("*", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("*", CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000%20http://localhost:8080'.
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a cross-origin child with a policy of "http://127.0.0.1:8000 http://localhost:8080" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://localhost:8080' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors http://localhost:8080".
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "http://localhost:8080" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(CROSSORIGIN_ORIGIN, CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(CROSSORIGIN_ORIGIN, CROSS_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27none%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
-A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='none'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "'none'" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html

@@ -3 +3 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.");
-
-        testNestedIFrame("'none'", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'none'", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
-A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='self'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "'self'" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.");
-
-        testNestedIFrame("'self'", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'self'", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow-expected.txt

@@ -1 @@
-A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.
+A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a cross-origin child with a policy of "*" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.");
-
-        debug("Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.");
-        testNestedIFrame("*", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.</p>
+<script>
+    testNestedIFrame("*", SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow-expected.txt

@@ -1 @@
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a cross-origin child with a policy of "http://127.0.0.1:8000 http://localhost:8080" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        debug("Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.");
-        testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.</p>
+<script>
+    testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://localhost:8080' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors http://localhost:8080".
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a cross-origin child with a policy of "http://localhost:8080" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(CROSSORIGIN_ORIGIN, SAME_ORIGIN, CROSS_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27none%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
-A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='none'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a same-origin child with a policy of "'none'" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.");
-
-        testNestedIFrame("'none'", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'none'", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
-A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='self'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a same-origin child with a policy of "'self'" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.");
-
-        testNestedIFrame("'self'", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'self'", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=*'.
-A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.
+A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "*" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.");
-
-        testNestedIFrame("*", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("*", CROSS_ORIGIN, SAME_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000%20http://localhost:8080'.
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "http://127.0.0.1:8000 http://localhost:8080" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, CROSS_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(SAMEORIGIN_ORIGIN + " " + CROSSORIGIN_ORIGIN, CROSS_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors http://127.0.0.1:8000".
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a same-origin child with a policy of "http://127.0.0.1:8000" nested in a cross-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(SAMEORIGIN_ORIGIN, CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(SAMEORIGIN_ORIGIN, CROSS_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27none%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
-A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.
+CONSOLE MESSAGE: Refused to display 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='none'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a same-origin child with a policy of "'none'" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.");
-
-        testNestedIFrame("'none'", SAME_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'none'", SAME_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27'.
-A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.
+A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "'self'" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.");
-
-        testNestedIFrame("'self'", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("'self'", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=*'.
-A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.
+A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "*" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value '*' should render in nested frames.");
-
-        testNestedIFrame("*", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value '*' should render in nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("*", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000'.
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "http://127.0.0.1:8000" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(SAMEORIGIN_ORIGIN, SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(SAMEORIGIN_ORIGIN, SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Refused to display 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://localhost:8080' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors http://localhost:8080".
-A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +10 @@
 Testing a same-origin child with a policy of "http://localhost:8080" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.");
-
-        testNestedIFrame(CROSSORIGIN_ORIGIN, SAME_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate. This test PASSED if you do not see any content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame(CROSSORIGIN_ORIGIN, SAME_ORIGIN, SAME_ORIGIN, EXPECT_BLOCK);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27none%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
-A 'frame-ancestors' CSP directive with a value 'none' should block rendering.
+CONSOLE MESSAGE: Refused to display 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='none'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'none' should block rendering. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.
 
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-none-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'none' should block rendering.");
-
-        sameOriginFrameShouldBeBlocked("'none'");
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'none' should block rendering. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    sameOriginFrameShouldBeBlocked("'none'");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=*.0.0.1:8000'.
-A 'frame-ancestors' CSP directive with a value '*.0.0.1' should allow render in same-origin nested frames.
+A 'frame-ancestors' CSP directive with a value '*.0.0.1' should allow render in same-origin nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The inner IFrame passed.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 
@@ -16 +8 @@
 Testing a same-origin child with a policy of "*.0.0.1:8000" nested in a same-origin parent.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-protocolless-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value '*.0.0.1' should allow render in same-origin nested frames.");
-
-        testNestedIFrame("*.0.0.1:8000", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD); 
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value '*.0.0.1' should allow render in same-origin nested frames. This test PASSED if you see content in the inner-most nested iframe below. Otherwise, it FAILED.</p>
+<script>
+    testNestedIFrame("*.0.0.1:8000", SAME_ORIGIN, SAME_ORIGIN, EXPECT_LOAD);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27'.
-A 'frame-ancestors' CSP directive with a value 'self' should allow rendering.
+A 'frame-ancestors' CSP directive with a value 'self' should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'self' should allow rendering.");
-
-        sameOriginFrameShouldBeAllowed("'self'");
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'self' should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    sameOriginFrameShouldBeAllowed("'self'");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=%27self%27' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
-A 'frame-ancestors' CSP directive with a value 'self' should allow rendering.
+CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy='self'' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a value 'self' should allow rendering. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.
 
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-self-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a value 'self' should allow rendering.");
-
-        crossOriginFrameShouldBeBlocked("'self'");
-    </script>
+<p>A 'frame-ancestors' CSP directive with a value 'self' should allow rendering. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    crossOriginFrameShouldBeBlocked("'self'");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin-expected.txt

@@ -1 @@
-A 'frame-ancestors' CSP directive with '*' should allow rendering.
+A 'frame-ancestors' CSP directive with '*' should allow rendering. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-crossorigin.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with '*' should allow rendering.");
-
-        debug("Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test passes if no console message declares that the frame was blocked.");
-        crossOriginFrameShouldBeBlocked("*");
-    </script>
+<p>A 'frame-ancestors' CSP directive with '*' should allow rendering. Note that we can't distinguish blocked URLs from allowed cross-origin URLs due to the same-origin policy. This test PASSED if no console message declares that the frame was blocked.</p>
+<script>
+    crossOriginFrameShouldBeBlocked("*");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=*'.
-A 'frame-ancestors' CSP directive with '*' should allow rendering.
+A 'frame-ancestors' CSP directive with '*' should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-star-allow-sameorigin.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with '*' should allow rendering.");
-
-        sameOriginFrameShouldBeAllowed("*");
-    </script>
+<p>A 'frame-ancestors' CSP directive with '*' should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    sameOriginFrameShouldBeAllowed("*");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow-expected.txt

@@ -1 @@
-CONSOLE MESSAGE: line 60: IFrame load event fired: the IFrame's location is 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://127.0.0.1:8000'.
-A 'frame-ancestors' CSP directive with a URL matching this origin should allow rendering.
+A 'frame-ancestors' CSP directive with a URL matching this origin should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS The IFrame should not have been blocked. It wasn't.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-allow.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL matching this origin should allow rendering.");
-
-        sameOriginFrameShouldBeAllowed(window.location.origin);
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL matching this origin should allow rendering. This test PASSED if you see content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    sameOriginFrameShouldBeAllowed(window.location.origin);
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block-expected.txt

@@ -1 +1 @@
 CONSOLE MESSAGE: Refused to display 'http://localhost:8080/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=http://example.com/' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors http://example.com/".
-A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked.
 
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.
 
-
-IFrame load event fired: the IFrame is cross-origin (or was blocked).
-PASS The IFrame should have been blocked (or cross-origin). It was.
-PASS successfullyParsed is true
-
-TEST COMPLETE
 
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-url-block.html

@@ -2 +2 @@
 <html>
 <head>
-    <script src="/js-test-resources/js-test.js"></script>
     <script src="../../resources/frame-ancestors-test.js"></script>
 </head>
 <body>
-    <script>
-        description("A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked.");
-
-        crossOriginFrameShouldBeBlocked("http://example.com/");
-    </script>
+<p>A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked. This test PASSED if you do not see any content in the iframe below. Otherwise, it FAILED.</p>
+<script>
+    crossOriginFrameShouldBeBlocked("http://example.com/");
+</script>
 </body>
 </html>

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/frame-ancestors-test.js

@@ -8 +8 @@
 var CROSSORIGIN_ORIGIN = "http://localhost:8080";
 
-window.jsTestIsAsync = true;
-window.wasPostTestScriptParsed = true;
+if (window.testRunner) {
+    testRunner.dumpAsText();
+    testRunner.dumpChildFramesAsText();
+    testRunner.waitUntilDone();
+}
 
-if (window.testRunner)
-    testRunner.dumpChildFramesAsText();
+function done() {
+    if (window.testRunner)
+        testRunner.notifyDone();
+}
 
 window.addEventListener("message", function (e) {
     if (window.parent != window) {
         window.parent.postMessage(e.data, "*");
-    } else {
-        if (e.data)
-            testFailed("The inner IFrame failed.");
-        else
-            testPassed("The inner IFrame passed.");
-
-        finishJSTest();
+        return;
     }
+    done();
 });
 
@@ -41 +41 @@
 }
 
-function injectIFrame(policy, sameOrigin, expectBlock) {
+function injectIFrame(policy, sameOrigin) {
     var iframe = document.createElement("iframe");
-    iframe.addEventListener("load", iframeLoaded(expectBlock));
-    iframe.addEventListener("error", iframeLoaded(expectBlock));
+    iframe.addEventListener("load", handleFrameEvent);
+    iframe.addEventListener("error", handleFrameEvent);
 
     var url = "/security/contentSecurityPolicy/resources/frame-ancestors.pl?policy=" + policy;
@@ -54 +54 @@
 }
 
-function iframeLoaded(expectBlock) {
-    return function(ev) {
-        var failed = true;
-        try {
-            console.log("IFrame load event fired: the IFrame's location is '" + ev.target.contentWindow.location.href + "'.");
-            if (expectBlock) {
-                testFailed("The IFrame should have been blocked (or cross-origin). It wasn't.");
-                failed = true;
-            } else {
-                testPassed("The IFrame should not have been blocked. It wasn't.");
-                failed = false;
-            }
-        } catch (ex) {
-            debug("IFrame load event fired: the IFrame is cross-origin (or was blocked).");
-            if (expectBlock) {
-                testPassed("The IFrame should have been blocked (or cross-origin). It was.");
-                failed = false;
-            } else {
-                testFailed("The IFrame should not have been blocked. It was.");
-                failed = true;
-            }
-        }
-        if (window.parent != window)
-            window.parent.postMessage(failed, '*');
-        else
-            finishJSTest();
-    };
+function handleFrameEvent(event) {
+    if (window.parent != window) {
+        window.parent.postMessage(null, '*');
+        return;
+    }
+    done();
 }
 

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/frame-in-frame.pl

@@ -10 +10 @@
 print "<html>\n";
 print "<body>\n";
-print "    <script src='/js-test-resources/js-test.js'></script>\n";
 print "    <script src='/security/contentSecurityPolicy/resources/frame-ancestors-test.js'></script>\n";
+print "    <p>Testing a " . $cgi->param("child") . "-origin child with a policy of &quot;" . $cgi->param("policy") . "&quot; nested in a " . $cgi->param("parent") . "-origin parent.</p>";
 print "    <script>\n";
-print "        description(\"Testing a " . $cgi->param("child") . "-origin child with a policy of \\\"" . $cgi->param("policy") . "\\\" nested in a " . $cgi->param("parent") . "-origin parent.\");\n";
 print "        " . $cgi->param("child") . "OriginFrameShouldBe" . $cgi->param("expectation") . "(\"" . $cgi->param("policy") . "\");\n";
 print "    </script>\n";

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2016-03-10  Daniel Bates  <dabates@apple.com>
+
+        CSP: Implement frame-ancestors directive
+        https://bugs.webkit.org/show_bug.cgi?id=154345
+        <rdar://problem/24702161>
+
+        Reviewed by Brent Fulgham.
+
+        Add support for the Content Security Policy directive frame-ancestors per the Content Security
+        Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/>.
+
+        Tests: http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-meta-element-ignored.html
+               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-in-report-only-ignored.html
+               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin-https.html
+               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-cross-origin.html
+               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin-https.html
+               http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/report-frame-ancestors-same-origin.html
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied): Extracted from DocumentLoader::responseReceived().
+        (WebCore::DocumentLoader::responseReceived): Extracted logic to cancel a load and dispatch a DOM Load
+        event at the frame owner into DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
+        Make use of this function when loading of the frame is blocked by either the Content Security Policy or
+        the X-Frame-Option policy. We explicitly instantiate a ContentSecurityPolicy object with a SecurityOrigin
+        and Frame instead of using ScriptExecutionContext m_frame->document() because m_frame->document() is not
+        in a stable state (for instance, Document::m_url has not been initialized) as we are in the process of
+        loading the underlying document data for it.
+        * loader/DocumentLoader.h:
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::didBeginDocument): Pass ContentSecurityPolicy::ReportParsingErrors::No to silence
+        errors raised when parsing the Content Security Policy headers to avoid duplicate error messages. Any
+        parsing errors would have been raised when we parsed the Content Security Policy in DocumentLoader.
+        * page/csp/ContentSecurityPolicy.cpp:
+        (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take an optional pointer to a Frame (defaults
+        to nullptr). The specified Frame is used to support emitting console messages for violations/syntax errors and
+        send violation reports. We make use of this constructor variant in DocumentLoader to support emitting console
+        message and sending violation reports in the context of DocumentLoader where its associated Document is not in a
+        stable state and making use of a Frame seems less error prone.
+        (WebCore::ContentSecurityPolicy::didReceiveHeaders): Modified to take argument reportParsingErrors as
+        to whether to silence parsing errors when parsing the specified headers.
+        (WebCore::isAllowedByAllWithFrame): Helper function to query a ContentSecurityPolicyDirectiveList function
+        passing a Frame and URL for each Content Security Policy.
+        (WebCore::ContentSecurityPolicy::allowFrameAncestors): Calls WebCore::isAllowedByAllWithFrame().
+        (WebCore::ContentSecurityPolicy::reportViolation): Modified to support sending a violation report when
+        we have a Frame and no ScriptExecutionContext (such as when we are instantiated in DocumentLoader).
+        Additionally, we only will send a report if reporting is enabled (i.e. ContentSecurityPolicy::m_isReportingEnabled == true).
+        (WebCore::ContentSecurityPolicy::logToConsole): Modified to support logging a message to the console
+        we have a Frame and no ScriptExecutionContext. We also only allow logging if reporting is enabled.
+        * page/csp/ContentSecurityPolicy.h:
+        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
+        (WebCore::checkFrameAncestors): Added.
+        (WebCore::ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation): Added.
+        (WebCore::ContentSecurityPolicyDirectiveList::allowFrameAncestors): Added.
+        (WebCore::ContentSecurityPolicyDirectiveList::parse): Ignore the directive frame-ancestors when defined
+        in a policy given in an HTML meta element and report such use as invalid.
+        (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the directive frame-ancestors.
+        * page/csp/ContentSecurityPolicyDirectiveList.h:
+        * page/csp/ContentSecurityPolicyResponseHeaders.h: Mark constructor "explicit".
+
 2016-03-10  Jer Noble  <jer.noble@apple.com>
 

trunk/Source/WebCore/loader/DocumentLoader.cpp

@@ -37 +37 @@
 #include "CachedResourceLoader.h"
 #include "ContentExtensionError.h"
+#include "ContentSecurityPolicy.h"
 #include "DOMWindow.h"
 #include "Document.h"
@@ -616 +617 @@
 }
 
+void DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(unsigned long identifier, const ResourceResponse& response)
+{
+    InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame, *this, identifier, response);
+    m_frame->document()->enforceSandboxFlags(SandboxOrigin);
+    if (HTMLFrameOwnerElement* ownerElement = m_frame->ownerElement())
+        ownerElement->dispatchEvent(Event::create(eventNames().loadEvent, false, false));
+
+    // The load event might have detached this frame. In that case, the load will already have been cancelled during detach.
+    if (FrameLoader* frameLoader = this->frameLoader())
+        cancelMainResourceLoad(frameLoader->cancelledError(m_request));
+}
+
 void DocumentLoader::responseReceived(CachedResource* resource, const ResourceResponse& response)
 {
@@ -635 +648 @@
         return;
 
+    ASSERT(m_identifierForLoadWithoutResourceLoader || m_mainResource);
+    unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier();
+    ASSERT(identifier);
+
+    ContentSecurityPolicy contentSecurityPolicy(SecurityOrigin::create(response.url()), m_frame);
+    contentSecurityPolicy.didReceiveHeaders(ContentSecurityPolicyResponseHeaders(response));
+    if (!contentSecurityPolicy.allowFrameAncestors(*m_frame, response.url())) {
+        stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response);
+        return;
+    }
+
     const auto& commonHeaders = response.httpHeaderFields().commonHeaders();
     auto it = commonHeaders.find(HTTPHeaderName::XFrameOptions);
     if (it != commonHeaders.end()) {
         String content = it->value;
-        ASSERT(m_identifierForLoadWithoutResourceLoader || m_mainResource);
-        unsigned long identifier = m_identifierForLoadWithoutResourceLoader ? m_identifierForLoadWithoutResourceLoader : m_mainResource->identifier();
-        ASSERT(identifier);
         if (frameLoader()->shouldInterruptLoadForXFrameOptions(content, response.url(), identifier)) {
-            InspectorInstrumentation::continueAfterXFrameOptionsDenied(m_frame, *this, identifier, response);
             String message = "Refused to display '" + response.url().stringCenterEllipsizedToLength() + "' in a frame because it set 'X-Frame-Options' to '" + content + "'.";
-            frame()->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, identifier);
-            frame()->document()->enforceSandboxFlags(SandboxOrigin);
-            if (HTMLFrameOwnerElement* ownerElement = frame()->ownerElement())
-                ownerElement->dispatchEvent(Event::create(eventNames().loadEvent, false, false));
-
-            // The load event might have detached this frame. In that case, the load will already have been cancelled during detach.
-            if (frameLoader())
-                cancelMainResourceLoad(frameLoader()->cancelledError(m_request));
+            m_frame->document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, identifier);
+            stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(identifier, response);
             return;
         }

trunk/Source/WebCore/loader/DocumentLoader.h

@@ -330 +330 @@
         ResourceError interruptedForPolicyChangeError() const;
 
+        void stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied(unsigned long identifier, const ResourceResponse&);
+
 #if HAVE(RUNLOOP_TIMER)
         typedef RunLoopTimer<DocumentLoader> DocumentLoaderTimer;

trunk/Source/WebCore/loader/FrameLoader.cpp

@@ -689 +689 @@
             m_frame.document()->parseDNSPrefetchControlHeader(dnsPrefetchControl);
 
-        m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()));
+        m_frame.document()->contentSecurityPolicy()->didReceiveHeaders(ContentSecurityPolicyResponseHeaders(m_documentLoader->response()), ContentSecurityPolicy::ReportParsingErrors::No);
 
         String headerContentLanguage = m_documentLoader->response().httpHeaderField(HTTPHeaderName::ContentLanguage);

trunk/Source/WebCore/page/csp/ContentSecurityPolicy.cpp

@@ -53 +53 @@
 #include <inspector/ScriptCallStack.h>
 #include <inspector/ScriptCallStackFactory.h>
+#include <wtf/TemporaryChange.h>
 #include <wtf/text/TextPosition.h>
 
@@ -69 +70 @@
 }
 
-ContentSecurityPolicy::ContentSecurityPolicy(const SecurityOrigin& securityOrigin)
-    : m_sandboxFlags(SandboxNone)
+ContentSecurityPolicy::ContentSecurityPolicy(const SecurityOrigin& securityOrigin, const Frame* frame)
+    : m_frame(frame)
+    , m_sandboxFlags(SandboxNone)
 {
     m_selfSourceProtocol = securityOrigin.protocol();
@@ -96 +98 @@
 }
 
-void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers)
-{
+void ContentSecurityPolicy::didReceiveHeaders(const ContentSecurityPolicyResponseHeaders& headers, ReportParsingErrors reportParsingErrors)
+{
+    TemporaryChange<bool> isReportingEnabled(m_isReportingEnabled, reportParsingErrors == ReportParsingErrors::Yes);
     for (auto& header : headers.m_headers)
         didReceiveHeader(header.first, header.second, ContentSecurityPolicy::PolicyFrom::HTTPHeader);
@@ -156 +159 @@
         return url.protocolIsInHTTPFamily();
     return equalIgnoringASCIICase(url.protocol(), m_selfSourceProtocol);
+}
+
+template<bool (ContentSecurityPolicyDirectiveList::*allowed)(const Frame&, const URL&, ContentSecurityPolicy::ReportingStatus) const>
+static bool isAllowedByAllWithFrame(const CSPDirectiveListVector& policies, const Frame& frame, const URL& url, ContentSecurityPolicy::ReportingStatus reportingStatus)
+{
+    for (auto& policy : policies) {
+        if (!(policy.get()->*allowed)(frame, url, reportingStatus))
+            return false;
+    }
+    return true;
 }
 
@@ -315 +328 @@
 }
 
+bool ContentSecurityPolicy::allowFrameAncestors(const Frame& frame, const URL& url, bool overrideContentSecurityPolicy, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    if (overrideContentSecurityPolicy)
+        return true;
+    Frame& topFrame = frame.tree().top();
+    if (&frame == &topFrame)
+        return true;
+    return isAllowedByAllWithFrame<&ContentSecurityPolicyDirectiveList::allowFrameAncestors>(m_policies, frame, url, reportingStatus);
+}
+
 String ContentSecurityPolicy::evalDisabledErrorMessage() const
 {
@@ -427 +450 @@
     logToConsole(consoleMessage, contextURL, contextLine, state);
 
+    if (!m_isReportingEnabled)
+        return;
+
     // FIXME: Support sending reports from worker.
-    if (!is<Document>(m_scriptExecutionContext))
+    if (!is<Document>(m_scriptExecutionContext) && !m_frame)
         return;
 
-    Document& document = downcast<Document>(*m_scriptExecutionContext);
+    // FIXME: We should not hardcode the directive names. We should make use of the constants in ContentSecurityPolicyDirectiveList.cpp.
+    // See <https://bugs.webkit.org/show_bug.cgi?id=155133>.
+    ASSERT(!m_frame || effectiveDirective == "frame-ancestors");
+
+    Document& document = is<Document>(m_scriptExecutionContext) ? downcast<Document>(*m_scriptExecutionContext) : *m_frame->document();
     Frame* frame = document.frame();
+    ASSERT(!m_frame || m_frame == frame);
     if (!frame)
         return;
 
-    String documentURI = document.url().strippedForUseAsReferrer();
-    String referrer = document.referrer();
-    String blockedURI = stripURLForUseInReport(document, blockedURL);
+    String documentURI;
+    String blockedURI;
+    if (is<Document>(m_scriptExecutionContext)) {
+        documentURI = document.url().strippedForUseAsReferrer();
+        blockedURI = stripURLForUseInReport(document, blockedURL);
+    } else {
+        // The URL of |document| may not have been initialized (say, when reporting a frame-ancestors violation).
+        // So, we use the URL of the blocked document for the protected document URL.
+        documentURI = blockedURL;
+        blockedURI = blockedURL;
+    }
     String violatedDirective = directiveText;
     String originalPolicy = header;
+    String referrer = document.referrer();
     ASSERT(document.loader());
     unsigned short statusCode = document.url().protocolIs("http") && document.loader() ? document.loader()->response().httpStatusCode() : 0;
@@ -586 +626 @@
 void ContentSecurityPolicy::logToConsole(const String& message, const String& contextURL, const WTF::OrdinalNumber& contextLine, JSC::ExecState* state) const
 {
+    if (!m_isReportingEnabled)
+        return;
+
     // FIXME: <http://webkit.org/b/114317> ContentSecurityPolicy::logToConsole should include a column number
     if (m_scriptExecutionContext)
         m_scriptExecutionContext->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, contextURL, contextLine.oneBasedInt(), 0, state);
+    else if (m_frame && m_frame->document())
+        static_cast<ScriptExecutionContext*>(m_frame->document())->addConsoleMessage(MessageSource::Security, MessageLevel::Error, message, contextURL, contextLine.oneBasedInt(), 0, state);
 }
 

trunk/Source/WebCore/page/csp/ContentSecurityPolicy.h

@@ -57 +57 @@
 public:
     explicit ContentSecurityPolicy(ScriptExecutionContext&);
-    explicit ContentSecurityPolicy(const SecurityOrigin&);
+    explicit ContentSecurityPolicy(const SecurityOrigin&, const Frame* = nullptr);
     ~ContentSecurityPolicy();
 
@@ -78 +78 @@
     };
     ContentSecurityPolicyResponseHeaders responseHeaders() const;
-    void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&);
+    enum ReportParsingErrors { No, Yes };
+    void didReceiveHeaders(const ContentSecurityPolicyResponseHeaders&, ReportParsingErrors = ReportParsingErrors::Yes);
     void processHTTPEquiv(const String& content, ContentSecurityPolicyHeaderType type) { didReceiveHeader(content, type, ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta); }
 
@@ -104 +105 @@
     bool allowFormAction(const URL&, bool overrideContentSecurityPolicy = false, ContentSecurityPolicy::ReportingStatus = ContentSecurityPolicy::ReportingStatus::SendReport) const;
     bool allowBaseURI(const URL&, bool overrideContentSecurityPolicy = false, ContentSecurityPolicy::ReportingStatus = ContentSecurityPolicy::ReportingStatus::SendReport) const;
+    bool allowFrameAncestors(const Frame&, const URL&, bool overrideContentSecurityPolicy = false, ContentSecurityPolicy::ReportingStatus = ContentSecurityPolicy::ReportingStatus::SendReport) const;
 
     void setOverrideAllowInlineStyle(bool);
@@ -161 +163 @@
     const TextEncoding& documentEncoding() const;
 
+    // We can never have both a script execution context and a frame.
     ScriptExecutionContext* m_scriptExecutionContext { nullptr };
+    const Frame* m_frame { nullptr };
     std::unique_ptr<ContentSecurityPolicySource> m_selfSource;
     String m_selfSourceProtocol;
@@ -168 +172 @@
     SandboxFlags m_sandboxFlags;
     bool m_overrideInlineStyleAllowed { false };
+    bool m_isReportingEnabled { true };
     OptionSet<ContentSecurityPolicyHashAlgorithm> m_hashAlgorithmsForInlineScripts;
     OptionSet<ContentSecurityPolicyHashAlgorithm> m_hashAlgorithmsForInlineStylesheets;

trunk/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.cpp

@@ -28 +28 @@
 #include "ContentSecurityPolicyDirectiveList.h"
 
+#include "Document.h"
+#include "Frame.h"
 #include "ParsingUtilities.h"
 #include "SecurityContext.h"
@@ -52 +54 @@
 static const char formAction[] = "form-action";
 static const char pluginTypes[] = "plugin-types";
+static const char frameAncestors[] = "frame-ancestors";
 #if ENABLE(CSP_NEXT)
 static const char reflectedXSS[] = "reflected-xss";
@@ -129 +132 @@
 {
     return !directive || directive->allows(nonce);
+}
+
+static inline bool checkFrameAncestors(ContentSecurityPolicySourceListDirective* directive, const Frame& frame)
+{
+    if (!directive)
+        return true;
+    for (Frame* current = frame.tree().parent(); current; current = current->tree().parent()) {
+        if (!directive->allows(current->document()->url()))
+            return false;
+    }
+    return true;
 }
 
@@ -265 +279 @@
 }
 
+bool ContentSecurityPolicyDirectiveList::checkFrameAncestorsAndReportViolation(ContentSecurityPolicySourceListDirective* directive, const Frame& frame, const URL& url, const String& effectiveDirective) const
+{
+    if (checkFrameAncestors(directive, frame))
+        return true;
+    reportViolation(directive->text(), effectiveDirective, makeString("Refused to display '", url.stringCenterEllipsizedToLength(), "' in a frame because an ancestor violates the following Content Security Policy directive: \"", directive->text(), "\".", '\n'), url);
+    return denyIfEnforcingPolicy();
+}
+
 bool ContentSecurityPolicyDirectiveList::allowJavaScriptURLs(const String& contextURL, const WTF::OrdinalNumber& contextLine, ContentSecurityPolicy::ReportingStatus reportingStatus) const
 {
@@ -415 +437 @@
         return checkSourceAndReportViolation(m_baseURI.get(), url, baseURI);
     return m_reportOnly || checkSource(m_baseURI.get(), url);
+}
+
+bool ContentSecurityPolicyDirectiveList::allowFrameAncestors(const Frame& frame, const URL& url, ContentSecurityPolicy::ReportingStatus reportingStatus) const
+{
+    if (reportingStatus == ContentSecurityPolicy::ReportingStatus::SendReport)
+        return checkFrameAncestorsAndReportViolation(m_frameAncestors.get(), frame, url, frameAncestors);
+    return m_reportOnly || checkFrameAncestors(m_frameAncestors.get(), frame);
 }
 
@@ -439 +468 @@
             switch (policyFrom) {
             case ContentSecurityPolicy::PolicyFrom::HTTPEquivMeta:
-                if (equalLettersIgnoringASCIICase(name, sandbox) || equalLettersIgnoringASCIICase(name, reportURI)) {
+                if (equalLettersIgnoringASCIICase(name, sandbox) || equalLettersIgnoringASCIICase(name, reportURI)
+                    || equalLettersIgnoringASCIICase(name, frameAncestors)) {
                     m_policy.reportInvalidDirectiveInHTTPEquivMeta(name);
                     break;
@@ -638 +668 @@
     else if (equalLettersIgnoringASCIICase(name, baseURI))
         setCSPDirective<ContentSecurityPolicySourceListDirective>(name, value, m_baseURI);
-    else if (equalLettersIgnoringASCIICase(name, pluginTypes))
+    else if (equalLettersIgnoringASCIICase(name, frameAncestors)) {
+        if (m_reportOnly) {
+            m_policy.reportInvalidDirectiveInReportOnlyMode(name);
+            return;
+        }
+        setCSPDirective<ContentSecurityPolicySourceListDirective>(name, value, m_frameAncestors);
+    } else if (equalLettersIgnoringASCIICase(name, pluginTypes))
         setCSPDirective<ContentSecurityPolicyMediaListDirective>(name, value, m_pluginTypes);
     else if (equalLettersIgnoringASCIICase(name, sandbox))

trunk/Source/WebCore/page/csp/ContentSecurityPolicyDirectiveList.h

@@ -72 +72 @@
     bool allowBaseURI(const URL&, ContentSecurityPolicy::ReportingStatus) const;
 
+    bool allowFrameAncestors(const Frame&, const URL&, ContentSecurityPolicy::ReportingStatus) const;
+
     const String& evalDisabledErrorMessage() const { return m_evalDisabledErrorMessage; }
     ContentSecurityPolicy::ReflectedXSSDisposition reflectedXSSDisposition() const { return m_reflectedXSSDisposition; }
@@ -99 +101 @@
 
     bool checkSourceAndReportViolation(ContentSecurityPolicySourceListDirective*, const URL&, const String& effectiveDirective) const;
+    bool checkFrameAncestorsAndReportViolation(ContentSecurityPolicySourceListDirective*, const Frame&, const URL&, const String& effectiveDirective) const;
     bool checkMediaTypeAndReportViolation(ContentSecurityPolicyMediaListDirective*, const String& type, const String& typeAttribute, const String& consoleMessage) const;
 
@@ -120 +123 @@
     std::unique_ptr<ContentSecurityPolicySourceListDirective> m_fontSrc;
     std::unique_ptr<ContentSecurityPolicySourceListDirective> m_formAction;
+    std::unique_ptr<ContentSecurityPolicySourceListDirective> m_frameAncestors;
     std::unique_ptr<ContentSecurityPolicySourceListDirective> m_frameSrc;
     std::unique_ptr<ContentSecurityPolicySourceListDirective> m_imgSrc;

trunk/Source/WebCore/page/csp/ContentSecurityPolicyResponseHeaders.h

@@ -44 +44 @@
 class ContentSecurityPolicyResponseHeaders {
 public:
-    ContentSecurityPolicyResponseHeaders(const ResourceResponse&);
+    explicit ContentSecurityPolicyResponseHeaders(const ResourceResponse&);
 
     ContentSecurityPolicyResponseHeaders isolatedCopy() const;