OLD | NEW |
1 importScripts("{{location[server]}}/resources/testharness.js"); | 1 importScripts("{{location[server]}}/resources/testharness.js"); |
2 importScripts("{{location[server]}}/content-security-policy/support/testharness-
helper.js"); | 2 importScripts("{{location[server]}}/content-security-policy/support/testharness-
helper.js"); |
3 | 3 |
4 // Same-origin | 4 // Same-origin |
5 async_test(t => { | 5 async_test(t => { |
6 var url = "{{location[server]}}/common/text-plain.txt?same-origin-fetch"; | 6 var url = "{{location[server]}}/common/text-plain.txt?same-origin-fetch"; |
7 assert_no_csp_event_for_url(t, url); | 7 assert_no_csp_event_for_url(t, url); |
8 | 8 |
9 fetch(url) | 9 fetch(url) |
10 .then(t.step_func_done(r => assert_equals(r.status, 200))); | 10 .then(t.step_func_done(r => assert_equals(r.status, 200))); |
11 }, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search); | 11 }, "Same-origin 'fetch()' in " + self.location.protocol + self.location.search); |
12 | 12 |
13 async_test(t => { | 13 async_test(t => { |
14 var url = "{{location[server]}}/common/text-plain.txt?same-origin-xhr"; | 14 var url = "{{location[server]}}/common/text-plain.txt?same-origin-xhr"; |
15 assert_no_csp_event_for_url(t, url); | 15 assert_no_csp_event_for_url(t, url); |
16 | 16 |
17 var xhr = new XMLHttpRequest(); | 17 var xhr = new XMLHttpRequest(); |
18 try { | 18 xhr.open("GET", url); |
19 xhr.open("GET", url); | 19 xhr.onload = t.step_func_done(); |
20 t.done(); | 20 xhr.onerror = t.unreached_func(); |
21 } catch (e) { | |
22 assert_unreached(); | |
23 } | |
24 xhr.send(); | 21 xhr.send(); |
25 }, "Same-origin XHR in " + self.location.protocol + self.location.search); | 22 }, "Same-origin XHR in " + self.location.protocol + self.location.search); |
26 | 23 |
27 // Cross-origin | 24 // Cross-origin |
28 async_test(t => { | 25 async_test(t => { |
29 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr
oss-origin-fetch"; | 26 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr
oss-origin-fetch"; |
30 | 27 |
31 Promise.all([ | 28 Promise.all([ |
32 waitUntilCSPEventForURL(t, url), | 29 // TODO(mkwst): A 'securitypolicyviolation' event should fire. |
33 fetch(url) | 30 fetch(url) |
34 .catch(t.step_func(e => assert_true(e instanceof TypeError))) | 31 .catch(t.step_func(e => assert_true(e instanceof TypeError))) |
35 ]).then(_ => t.done()); | 32 ]).then(t.step_func_done()); |
36 }, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search)
; | 33 }, "Cross-origin 'fetch()' in " + self.location.protocol + self.location.search)
; |
37 | 34 |
38 async_test(t => { | 35 async_test(t => { |
39 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr
oss-origin-xhr"; | 36 var url = "http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cr
oss-origin-xhr"; |
40 | 37 |
41 Promise.all([ | 38 Promise.all([ |
42 waitUntilCSPEventForURL(t, url), | 39 // TODO(mkwst): A 'securitypolicyviolation' event should fire. |
43 new Promise((resolve, reject) => { | 40 new Promise((resolve, reject) => { |
44 var xhr = new XMLHttpRequest(); | 41 var xhr = new XMLHttpRequest(); |
45 try { | 42 xhr.open("GET", url); |
46 xhr.open("GET", url); | 43 xhr.onload = t.step_func(_ => reject("xhr.open should have thrown.")); |
47 reject("xhr.open should have thrown"); | 44 xhr.onerror = t.step_func(resolve); |
48 } catch (e) { | 45 xhr.send(); |
49 resolve(); | |
50 } | |
51 }) | 46 }) |
52 ]).then(_ => t.done()); | 47 ]).then(t.step_func_done()); |
53 }, "Cross-origin XHR in " + self.location.protocol + self.location.search); | 48 }, "Cross-origin XHR in " + self.location.protocol + self.location.search); |
54 | 49 |
55 // Same-origin redirecting to cross-origin | 50 // Same-origin redirecting to cross-origin |
56 async_test(t => { | 51 async_test(t => { |
57 var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location=
http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fe
tch"; | 52 var url = "{{location[server]}}/common/redirect-opt-in.py?status=307&location=
http://{{domains[www]}}:{{ports[http][1]}}/common/text-plain.txt?cross-origin-fe
tch"; |
58 // TODO(mkwst): The event should be firing. :( | |
59 | 53 |
| 54 // TODO(mkwst): A 'securitypolicyviolation' event should fire. |
60 fetch(url) | 55 fetch(url) |
61 .catch(t.step_func_done(e => assert_true(e instanceof TypeError))) | 56 .catch(t.step_func_done(e => assert_true(e instanceof TypeError))) |
62 }, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.l
ocation.search); | 57 }, "Same-origin => cross-origin 'fetch()' in " + self.location.protocol + self.l
ocation.search); |
63 | 58 |
64 done(); | 59 done(); |
OLD | NEW |