CSP: 'connect-src' should not cause exceptions.

third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

 <!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Security-Policy" content="connect-src ws://127.0.0.1:8880">
+<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
 <script>
-if (window.testRunner)
-    testRunner.dumpAsText();
+    async_test(t => {
+      var eventsSeen = 0;
+
+      var ws = new WebSocket("ws://example.test:8880/echo");
+      ws.onopen = t.unreached_func("Open should not fire.");

[foolip, 2016/10/27 13:59:50]

Maybe lowercase open

[Mike West, 2016/10/27 14:18:24]

Sure!

+      ws.onerror = t.step_func(e => {
+        assert_equals(ws.readyState, WebSocket.CLOSED);
+
+        eventsSeen++;
+        if (eventsSeen == 2)
+            t.done();
+      });
+
+      document.addEventListener("securitypolicyviolation", t.step_func(e => {
+        if (e.blockedURI != "ws://example.test:8880")
+            return;
+
+        assert_equals(ws.readyState, WebSocket.CLOSED);
+        assert_equals(e.violatedDirective, "connect-src");
+
+        eventsSeen++;
+        if (eventsSeen == 2)
+            t.done();
+      }));
+    }, "WebSocket should fire onerror.");

[foolip, 2016/10/27 13:59:50]

Maybe "error event"

[Mike West, 2016/10/27 14:18:24]

Sure!

 </script>
-</head>
-<body>
-<pre id="console"></pre>
-<script>
-function log(msg)
-{
-    document.getElementById("console").appendChild(document.createTextNode(msg + "\n"));
-}
-
-try {
-    var ws = new WebSocket("ws://localhost:8880/echo");
-    log("Fail");
-} catch(e) {
-    log("Pass");
-}
-
-</script>
-</body>
-</html>