OLD | NEW |
---|---|
1 <!doctype html> | 1 <!doctype html> |
2 <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc'; styl e-src 'self'"> | 2 <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc'; styl e-src 'self'"> |
3 <script nonce="abc" src="/resources/testharness.js"></script> | 3 <script nonce="abc" src="/resources/testharness.js"></script> |
4 <script nonce="abc" src="/resources/testharnessreport.js"></script> | 4 <script nonce="abc" src="/resources/testharnessreport.js"></script> |
5 <script nonce="abc"> | 5 <script nonce="abc"> |
6 var unexecuted_test = async_test("These tests should not fail."); | 6 var unexecuted_test = async_test("These tests should not fail."); |
7 | 7 |
8 async_test(t => { | 8 async_test(t => { |
9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation']) | 9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation']) |
10 watcher.wait_for('securitypolicyviolation') | 10 watcher.wait_for('securitypolicyviolation') |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
47 })) | 47 })) |
48 .then(t.step_func(e => { | 48 .then(t.step_func(e => { |
49 assert_equals(e.blockedURI, "inline"); | 49 assert_equals(e.blockedURI, "inline"); |
50 assert_equals(e.lineNumber, 157); | 50 assert_equals(e.lineNumber, 157); |
51 assert_equals(e.target, document, "Elements in DocumentFragments target the document"); | 51 assert_equals(e.target, document, "Elements in DocumentFragments target the document"); |
52 })) | 52 })) |
53 .then(t.step_func_done(_ => { | 53 .then(t.step_func_done(_ => { |
54 unexecuted_test.done(); | 54 unexecuted_test.done(); |
55 })); | 55 })); |
56 }, "Inline violations target the right element."); | 56 }, "Inline violations target the right element."); |
57 | |
Mike West
2017/02/22 15:06:36
Moved this over from //http/tests because it was b
| |
57 </script> | 58 </script> |
58 <!-- Inline block with no nonce. --> | 59 <!-- Inline block with no nonce. --> |
59 <script id="block1"> | 60 <script id="block1"> |
60 unexecuted_test.assert_unreached("This code block should not execute."); | 61 unexecuted_test.assert_unreached("This code block should not execute."); |
61 </script> | 62 </script> |
62 | 63 |
63 <!-- Inline event handler. --> | 64 <!-- Inline event handler. --> |
64 <a id="block2" onclick="void(0)">Click me!</a> | 65 <a id="block2" onclick="void(0)">Click me!</a> |
65 <script nonce='abc'>document.querySelector('#block2').click();</script> | 66 <script nonce='abc'>document.querySelector('#block2').click();</script> |
66 | 67 |
(...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
150 async_test(t => { | 151 async_test(t => { |
151 var f = new DocumentFragment(); | 152 var f = new DocumentFragment(); |
152 var d = document.createElement('div'); | 153 var d = document.createElement('div'); |
153 d.setAttribute('onclick', 'void(0)'); | 154 d.setAttribute('onclick', 'void(0)'); |
154 d.addEventListener('securitypolicyviolation', t.unreached_func()); | 155 d.addEventListener('securitypolicyviolation', t.unreached_func()); |
155 f.appendChild(d); | 156 f.appendChild(d); |
156 d.click(); | 157 d.click(); |
157 t.done(); | 158 t.done(); |
158 }, "Inline event handlers for elements in a DocumentFragment target the docume nt."); | 159 }, "Inline event handlers for elements in a DocumentFragment target the docume nt."); |
159 </script> | 160 </script> |
OLD | NEW |