third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html - Issue 1454003003: [CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker.

Unified Diff: third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html

Issue 1454003003: [CSP] Don't check the path component of the URL when the response was fetched via ServiceWorker. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/serviceworker/fetch-csp-expected.txt ('k') | third_party/WebKit/Source/core/fetch/FetchContext.h » ('j') | third_party/WebKit/Source/core/loader/FrameFetchContext.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html b/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html

index 0beea19f76385b99c88429dfd8d730e33978760f..33bf0416d5856da3f894468d39457ea7bf58a359 100644

--- a/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html

+++ b/third_party/WebKit/LayoutTests/http/tests/serviceworker/resources/fetch-csp-iframe.html

@@ -1,78 +1,16 @@

-<script src="../../resources/get-host-info.js"></script>

-<script src="test-helpers.js?pipe=sub"></script>

-var image_path = base_path() + 'fetch-access-control.php?PNGIMAGE';

-var host_info = get_host_info();

-var results = '';

-var port = undefined;

var meta = document.createElement('meta');

meta.setAttribute('http-equiv', 'Content-Security-Policy');

-meta.setAttribute('content', 'img-src ' + host_info['HTTP_ORIGIN'] +

- '; script-src \'unsafe-inline\'');

+meta.setAttribute('content', decodeURIComponent(location.search.substring(1)));

document.head.appendChild(meta);

-function test1() {

- var img = document.createElement('img');

- document.body.appendChild(img);

- img.onload = function() {

- test2();

- };

- img.onerror = function() {

- results += 'FAIL(1)';

- test2();

- };

- img.src = host_info['HTTP_ORIGIN'] + image_path;

-function test2() {

- var img = document.createElement('img');

- document.body.appendChild(img);

- img.onload = function() {

- results += 'FAIL(2)';

- test3();

- };

- img.onerror = function() {

- test3();

- };

- img.src = host_info['HTTP_REMOTE_ORIGIN'] + image_path;

-function test3() {

- var img = document.createElement('img');

- document.body.appendChild(img);

- img.onload = function() {

- test4();

- };

- img.onerror = function() {

- results += 'FAIL(3)';

- test4();

- };

- img.src = './dummy?url=' +

- encodeURIComponent(host_info['HTTP_ORIGIN'] + image_path);

+function load_image(url) {

+ return new Promise(function(resolve, reject) {

+ var img = document.createElement('img');

+ document.body.appendChild(img);

+ img.onload = resolve;

+ img.onerror = reject;

+ img.src = url;

+ });

}

-function test4() {

- var img = document.createElement('img');

- document.body.appendChild(img);

- img.onload = function() {

- results += 'FAIL(4)';

- finish();

- };

- img.onerror = function() {

- finish();

- };

- img.src = './dummy?mode=no-cors&url=' +

- encodeURIComponent(host_info['HTTP_REMOTE_ORIGIN'] + image_path);

-function finish() {

- results += 'finish';

- port.postMessage({results: results});

-window.addEventListener('message', function(evt) {

- port = evt.ports[0];

- test1();

- }, false);

</script>