OLD | NEW |
1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
2 <html> | 2 <html> |
3 <head> | 3 <head> |
4 <script src="/resources/testharness.js"></script> | 4 <script src="/resources/testharness.js"></script> |
5 <script src="/resources/testharnessreport.js"></script> | 5 <script src="/resources/testharnessreport.js"></script> |
6 <script> | 6 <script> |
7 async_test(function (t) { | 7 async_test(function (t) { |
8 window.expectSuccess = t.step_func_done(function (el) { | 8 window.expectSuccess = t.unreached_func("Handler should not exec
ute."); |
9 assert_equals(el, document.querySelector('#pass')); | |
10 }); | |
11 window.addEventListener('load', t.step_func(function () { | 9 window.addEventListener('load', t.step_func(function () { |
12 document.querySelector('#pass').click(); | 10 document.querySelector('#pass').click(); |
13 })); | 11 })); |
14 }, 'Inline event handlers whitelisted by the policy should fire.'); | |
15 | |
16 async_test(function (t) { | |
17 window.expectFailure = t.unreached_func("Handler should not exec
ute."); | |
18 document.addEventListener('securitypolicyviolation', t.step_func
_done(function (e) { | 12 document.addEventListener('securitypolicyviolation', t.step_func
_done(function (e) { |
19 assert_equals(e.target, document); | 13 assert_equals(e.target, document); |
20 })); | 14 })); |
21 window.addEventListener('load', t.step_func(function () { | 15 }, 'Inline event handlers whitelisted by the policy should not fire,
as \'unsafe-hash-attributes\' is not present.'); |
22 document.querySelector('#fail').click(); | |
23 })); | |
24 }, 'Inline event handlers not whitelisted by the policy should gener
ate error events.'); | |
25 </script> | 16 </script> |
26 | 17 |
27 <meta http-equiv="Content-Security-Policy" content="script-src 'sha256-n
htYaXCssBJTThiDLYewspQYue9tisulEwJ3nTJKcMI='"> | 18 <meta http-equiv="Content-Security-Policy" content="script-src 'sha256-n
htYaXCssBJTThiDLYewspQYue9tisulEwJ3nTJKcMI='"> |
28 </head> | 19 </head> |
29 <body> | 20 <body> |
30 <button id="pass" onclick="expectSuccess(this)"></button> | 21 <button id="pass" onclick="expectFailure(this)"></button> |
31 <button id="fail" onclick="expectFailure(this)"></button> | 22 <button id="fail" onclick="expectFailure(this)"></button> |
32 </body> | 23 </body> |
33 </html> | 24 </html> |
OLD | NEW |