1
0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2025-01-08 20:54:49 +01:00

Extended standard test to capture additional iframe scenarios.

This commit is contained in:
kkapsner 2017-10-10 20:33:42 +02:00
parent f28d635e64
commit db3b8fdd69
2 changed files with 35 additions and 7 deletions

View File

@ -7,16 +7,32 @@
<body> <body>
<div id="top"> <div id="top">
<h1>top Test</h1> <h1>top Test</h1>
<img class="display" width="100%"><br> <img class="display"><br>
Hash: <span class="hash"></span> Hash: <span class="hash"></span>
<button>refresh</button> <button>refresh</button>
</div> </div>
<div id="iframe"> <div id="iframe">
<h1>iFrame Test. Thanks to DocumentRoot.</h1> <h1>iFrame Test. Thanks to DocumentRoot.</h1>
<img class="display" width="100%"><br> <img class="display"><br>
Hash: <span class="hash"></span> Hash: <span class="hash"></span>
<iframe sandbox="allow-same-origin" style="display:none"></iframe> <iframe sandbox="allow-same-origin" style="display:none"></iframe>
<button>refresh</button> <button>refresh</button>
</div> </div>
</div>
<div id="iframe2">
<h1>iFrame Test 2 - with URL</h1>
<img class="display"><br>
Hash: <span class="hash"></span>
<iframe src="?" sandbox="allow-same-origin" style="display:none"></iframe>
<button>refresh</button>
</div>
</div>
<div id="iframe3">
<h1>iFrame Test 3 - violating SOP</h1>
<img class="display"><br>
Hash: <span class="hash"></span>
<iframe src="http://example.org" style="display:none"></iframe>
<button>refresh</button>
</div>
<script src="test.js"></script> <script src="test.js"></script>
</body></html> </body></html>

View File

@ -17,14 +17,26 @@
} }
if (location.search !== "?notInitial"){ if (location.search !== "?notInitial"){
show(document.getElementById("top"), topTest()); try {show(document.getElementById("top"), topTest());}
show(document.getElementById("iframe"), iframeTest()); catch (e){console.error(e);}
try {show(document.getElementById("iframe"), iframeTest(document.querySelector("#iframe iframe")));}
catch (e){console.error(e);}
try {show(document.getElementById("iframe2"), iframeTest(document.querySelector("#iframe2 iframe")));}
catch (e){console.error(e);}
try {show(document.getElementById("iframe3"), iframeTest(document.querySelector("#iframe3 iframe")));}
catch (e){console.error(e);}
} }
document.querySelector("#top button").addEventListener("click", function(){ document.querySelector("#top button").addEventListener("click", function(){
show(document.getElementById("top"), topTest()); show(document.getElementById("top"), topTest());
}); });
document.querySelector("#iframe button").addEventListener("click", function(){ document.querySelector("#iframe button").addEventListener("click", function(){
show(document.getElementById("iframe"), iframeTest()); show(document.getElementById("iframe"), iframeTest(document.querySelector("#iframe iframe")));
});
document.querySelector("#iframe2 button").addEventListener("click", function(){
show(document.getElementById("iframe2"), iframeTest(document.querySelector("#iframe2 iframe")));
});
document.querySelector("#iframe3 button").addEventListener("click", function(){
show(document.getElementById("iframe3"), iframeTest(document.querySelector("#iframe3 iframe")));
}); });
}()); }());
@ -60,7 +72,7 @@ function topTest(){
return canvas.toDataURL(); return canvas.toDataURL();
} }
function iframeTest(){ function iframeTest(iframe){
"use strict"; "use strict";
// create window canvas // create window canvas
@ -70,7 +82,7 @@ function iframeTest(){
draw(canvas); draw(canvas);
// create iframe canvas and ctx // create iframe canvas and ctx
var iframe_canvas = document.querySelector("#iframe iframe").contentDocument.createElement("canvas"); var iframe_canvas = iframe.contentDocument.createElement("canvas");
iframe_canvas.setAttribute("width", 220); iframe_canvas.setAttribute("width", 220);
iframe_canvas.setAttribute("height", 30); iframe_canvas.setAttribute("height", 30);
var iframe_ctx = iframe_canvas.getContext("2d"); var iframe_ctx = iframe_canvas.getContext("2d");