Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(475)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/support/connect-src-self.sub.js

Issue 2456013002: CSP: 'connect-src' should not cause exceptions. (Closed)
Patch Set: Ugh. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html ('K') | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/support/connect-src-allow.sub.js ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/support/testharness-helper.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 importScripts("{{location[server]}}/resources/testharness.js"); 1 importScripts("{{location[server]}}/resources/testharness.js");
2 importScripts("{{location[server]}}/content-security-policy/support/testharness- helper.js"); 2 importScripts("{{location[server]}}/content-security-policy/support/testharness- helper.js");
3 3
4 // Same-origin 4 // Same-origin
5 async_test(t => { 5 async_test(t => {
6 var url = "{{location[server]}}/common/text-plain.txt?same-origin-fetch"; 6 var url = "{{location[server]}}/common/text-plain.txt?same-origin-fetch";
7 assert_no_csp_event_for_url(t, url); 7 assert_no_csp_event_for_url(t, url);
8 8
9 fetch(url) 9 fetch(url)
10 .then(t.step_func_done(r => assert_equals(r.status, 200))); 10 .then(t.step_func_done(r => assert_equals(r.status, 200)));
11 }, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search); 11 }, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search);
12 12
13 async_test(t => { 13 async_test(t => {
14 var url = "{{location[server]}}/common/text-plain.txt?same-origin-xhr"; 14 var url = "{{location[server]}}/common/text-plain.txt?same-origin-xhr";
15 assert_no_csp_event_for_url(t, url); 15 assert_no_csp_event_for_url(t, url);
16 16
17 var xhr = new XMLHttpRequest(); 17 var xhr = new XMLHttpRequest();
18 try { 18 xhr.open("GET", url);
19 xhr.open("GET", url); 19 xhr.onload = t.step_func_done();
20 t.done(); 20 xhr.onerror = t.unreached_func();
21 } catch (e) {
22 assert_unreached();
23 }
24 xhr.send(); 21 xhr.send();
25 }, "Same-origin XHR in " + self.location.protocol + self.location.search); 22 }, "Same-origin XHR in " + self.location.protocol + self.location.search);
26 23
27 // Cross-origin 24 // Cross-origin
28 async_test(t => { 25 async_test(t => {
29 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr oss-origin-fetch"; 26 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr oss-origin-fetch";
30 27
31 Promise.all([ 28 Promise.all([
32 waitUntilCSPEventForURL(t, url), 29 // TODO(mkwst): A 'securitypolicyviolation' event should fire.
33 fetch(url) 30 fetch(url)
34 .catch(t.step_func(e => assert_true(e instanceof TypeError))) 31 .catch(t.step_func(e => assert_true(e instanceof TypeError)))
35 ]).then(_ => t.done()); 32 ]).then(t.step_func_done());
36 }, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search) ; 33 }, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search) ;
37 34
38 async_test(t => { 35 async_test(t => {
39 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr oss-origin-xhr"; 36 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr oss-origin-xhr";
40 37
41 Promise.all([ 38 Promise.all([
42 waitUntilCSPEventForURL(t, url), 39 // TODO(mkwst): A 'securitypolicyviolation' event should fire.
43 new Promise((resolve, reject) => { 40 new Promise((resolve, reject) => {
44 var xhr = new XMLHttpRequest(); 41 var xhr = new XMLHttpRequest();
45 try { 42 xhr.open("GET", url);
46 xhr.open("GET", url); 43 xhr.onload = t.step_func(_ => reject("xhr.open should have thrown."));
47 reject("xhr.open should have thrown"); 44 xhr.onerror = t.step_func(resolve);
48 } catch (e) { 45 xhr.send();
49 resolve();
50 }
51 }) 46 })
52 ]).then(_ => t.done()); 47 ]).then(t.step_func_done());
53 }, "Cross-origin XHR in " + self.location.protocol + self.location.search); 48 }, "Cross-origin XHR in " + self.location.protocol + self.location.search);
54 49
55 // Same-origin redirecting to cross-origin 50 // Same-origin redirecting to cross-origin
56 async_test(t => { 51 async_test(t => {
57 var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location= http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fe tch"; 52 var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location= http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fe tch";
58 // TODO(mkwst): The event should be firing. :(
59 53
54 // TODO(mkwst): A 'securitypolicyviolation' event should fire.
60 fetch(url) 55 fetch(url)
61 .catch(t.step_func_done(e => assert_true(e instanceof TypeError))) 56 .catch(t.step_func_done(e => assert_true(e instanceof TypeError)))
62 }, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.l ocation.search); 57 }, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.l ocation.search);
63 58
64 done(); 59 done();
OLDNEW
« third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html ('K') | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/support/connect-src-allow.sub.js ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/support/testharness-helper.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698