Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html |
index 06f218b3c6dc696d25de2b75f47696cc6e58a320..d0b2a3bbb38db1837df6db183387a1e64b01a86b 100644 |
--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html |
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-beacon-blocked.html |
@@ -1,26 +1,29 @@ |
<!DOCTYPE html> |
-<html> |
-<head> |
-<meta http-equiv="Content-Security-Policy" content="connect-src http://localhost:8000"> |
+<meta http-equiv="Content-Security-Policy" content="connect-src 'self'"> |
+<script src="/resources/testharness.js"></script> |
+<script src="/resources/testharnessreport.js"></script> |
<script> |
-if (window.testRunner) |
- testRunner.dumpAsText(); |
-</script> |
-</head> |
-<body> |
-<pre id="console"></pre> |
-<script> |
-function log(msg) |
-{ |
- document.getElementById("console").appendChild(document.createTextNode(msg + "\n")); |
-} |
+ async_test(t => { |
+ navigator.sendBeacon("http://example.test:8000/security/contentSecurityPolicy/echo-report.php"); |
+ |
+ document.addEventListener("securitypolicyviolation", t.step_func_done(e => { |
+ if (e.blockedURI != "http://example.test:8000/xmlhttprequest/resources/get.txt") |
+ return; |
foolip
2016/10/27 13:59:50
This together with step_func_done might be wrong,
Mike West
2016/10/27 14:18:24
Yup. That was dumb.
|
+ |
+ assert_equals(xhr.readyState, XMLHttpRequest.DONE); |
foolip
2016/10/27 13:59:50
There's no xhr around.
Mike West
2016/10/27 14:18:24
Indeed!
|
+ assert_equals(e.violatedDirective, "connect-src"); |
+ })); |
+ }, "sendBeacon should not throw."); |
+ |
+ async_test(t => { |
foolip
2016/10/27 13:59:50
No t.done(), how does this test end?
|
+ navigator.sendBeacon("/resources/redirect.php?code=307&cors_allow_origin=*&url=http://example.test:8080/security/contentSecurityPolicy/echo-report.php"); |
+ |
+ document.addEventListener("securitypolicyviolation", t.step_func(e => { |
+ if (e.blockedURI != "http://example.test:8080") |
+ return; |
-try { |
- var es = navigator.sendBeacon("http://127.0.0.1:8000/security/contentSecurityPolicy/echo-report.php"); |
- log("Fail"); |
-} catch(e) { |
- log("Pass"); |
-} |
+ assert_equals(xhr.readyState, XMLHttpRequest.DONE); |
+ assert_equals(e.violatedDirective, "connect-src"); |
+ })); |
+ }, "sendBeacon should not throw after a redirect."); |
</script> |
-</body> |
-</html> |