OLD | NEW |
| (Empty) |
1 <!DOCTYPE html> | |
2 <html> | |
3 <head> | |
4 <meta http-equiv="Content-Security-Policy" content="connect-src http://127.0
.0.1:8000/security/contentSecurityPolicy/resources/redir.php"> | |
5 <script src="/js-test-resources/js-test.js"></script> | |
6 </head> | |
7 <body> | |
8 <script> | |
9 window.jsTestIsAsync = true; | |
10 | |
11 var es; | |
12 try { | |
13 // Redirect to a different host, because as of CSP2 paths | |
14 // are ignored when matching after a redirect. | |
15 es = new EventSource("resources/redir.php?url=http://localhost:8000/
eventsource/resources/simple-event-stream.asis"); | |
16 } catch(e) { | |
17 testFailed("EventSource() should not throw an exception."); | |
18 } | |
19 | |
20 es.onload = function () { | |
21 testFailed("EventSource() should fail to follow the disallowed redir
ect."); | |
22 finishJSTest(); | |
23 }; | |
24 | |
25 es.onerror = function () { | |
26 testPassed("EventSource() did not follow the disallowed redirect."); | |
27 finishJSTest(); | |
28 }; | |
29 </script> | |
30 </script> | |
31 </body> | |
32 </html> | |
OLD | NEW |