OLD | NEW |
(Empty) | |
| 1 <!doctype html> |
| 2 <script src="/resources/testharness.js"></script> |
| 3 <script src="/resources/testharnessreport.js"></script> |
| 4 <meta http-equiv="Content-Security-Policy" content="require-sri-for script; scri
pt-src 'self' 'unsafe-inline'"> |
| 5 <script> |
| 6 var executed_test = async_test('Test that a worker can be created, but execu
tion is blocked.'); |
| 7 try { |
| 8 var worker = new Worker("/security/contentSecurityPolicy/require-sri-for
/sri-worker.js"); |
| 9 worker.onmessage = function(e){ |
| 10 executed_test.assert_unreached("This code block should not execute."
); |
| 11 }; |
| 12 } catch (e) { |
| 13 assert_equals(e.message, "Failed to construct 'Worker': Access to the sc
ript at 'http://127.0.0.1:8000/security/contentSecurityPolicy/require-sri-for/sr
i-worker.js' is denied by the document's Content Security Policy."); |
| 14 } |
| 15 document.addEventListener('securitypolicyviolation', executed_test.unreached
_func("No report should be generated.")); |
| 16 executed_test.done(); |
| 17 </script> |
OLD | NEW |