Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(162)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html

Issue 2456013002: CSP: 'connect-src' should not cause exceptions. (Closed)
Patch Set: Ugh. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('j') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 <!DOCTYPE html>
2 <meta http-equiv="Content-Security-Policy" content="connect-src 'self'">
3 <script src="/resources/testharness.js"></script>
4 <script src="/resources/testharnessreport.js"></script>
5 <script>
6 async_test(t => {
7 var errorEvent = false;
8 var cspEvent = false;
9
10 var xhr = new XMLHttpRequest;
11 xhr.open("GET", "http://{{domains[www]}}:{{ports[http][0]}}/common/text-pl ain.txt");
12 xhr.onload = t.unreached_func("Load should not fire.");
13 xhr.onerror = t.step_func(e => {
14 assert_equals(xhr.readyState, XMLHttpRequest.DONE);
15
16 assert_false(errorEvent);
17 errorEvent = true;
18 if (cspEvent)
19 t.done();
20 });
21
22 document.addEventListener("securitypolicyviolation", t.step_func(e => {
23 if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/t ext-plain.txt")
24 return;
25
26 assert_equals(xhr.readyState, XMLHttpRequest.DONE);
27 assert_equals(e.violatedDirective, "connect-src");
28
29 assert_false(cspEvent);
30 cspEvent = true;
31 if (errorEvent)
32 t.done();
33 }));
34
35 xhr.send();
36 }, "XHR should fire onerror.");
37
38 async_test(t => {
39 var errorEvent = false;
40 var cspEvent = false;
41
42 var xhr = new XMLHttpRequest;
43 xhr.open("GET", "/common/redirect-opt-in.py?status=307&location=http://{{d omains[www]}}:{{ports[http][0]}}/common/text-plain.txt");
44 xhr.onload = t.unreached_func("Load should not fire.");
45 xhr.onerror = t.step_func(e => {
46 assert_equals(xhr.readyState, XMLHttpRequest.DONE);
47
48 assert_false(errorEvent);
49 errorEvent = true;
50 if (cspEvent)
51 t.done();
52 });
53
54 document.addEventListener("securitypolicyviolation", t.step_func(e => {
55 if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}")
56 return;
57
58 assert_equals(xhr.readyState, XMLHttpRequest.DONE);
59 assert_equals(e.violatedDirective, "connect-src");
60
61 assert_false(cspEvent);
62 cspEvent = true;
63 if (errorEvent)
64 t.done();
65 }));
66
67 xhr.send();
68 }, "XHR should fire onerror after a redirect.");
69 </script>
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('j') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('J')

Powered by Google App Engine
This is Rietveld 408576698