third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html - Issue 2456013002: CSP: 'connect-src' should not cause exceptions.

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

Issue 2456013002: CSP: 'connect-src' should not cause exceptions. (Closed)

Patch Set: Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-blocked.html ('K') | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-eventsource-redirect-to-blocked-expected.txt ('k') | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked-expected.txt » ('j') | third_party/WebKit/Source/modules/websockets/DOMWebSocket.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

index c030b3239e12effd03413283da4b0f9de503a657..87f3795f9a84d7fc0a8502a17b1334bf068d3c58 100644

--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/connect-src-websocket-blocked.html

@@ -1,27 +1,31 @@

<!DOCTYPE html>

-<html>

-<head>

-<meta http-equiv="Content-Security-Policy" content="connect-src ws://127.0.0.1:8880">

+<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">

+<script src="/resources/testharness.js"></script>

+<script src="/resources/testharnessreport.js"></script>

-if (window.testRunner)

- testRunner.dumpAsText();

-</script>

-</head>

-<body>

-<pre id="console"></pre>

-<script>

-function log(msg)

- document.getElementById("console").appendChild(document.createTextNode(msg + "\n"));

+ async_test(t => {

+ var eventsSeen = 0;

+ var ws = new WebSocket("ws://example.test:8880/echo");

+ ws.onopen = t.unreached_func("Open should not fire.");

foolip 2016/10/27 13:59:50 Maybe lowercase open

Mike West 2016/10/27 14:18:24 Sure!

+ ws.onerror = t.step_func(e => {

+ assert_equals(ws.readyState, WebSocket.CLOSED);

+ eventsSeen++;

+ if (eventsSeen == 2)

+ t.done();

+ });

+ document.addEventListener("securitypolicyviolation", t.step_func(e => {

+ if (e.blockedURI != "ws://example.test:8880")

+ return;

-try {

- var ws = new WebSocket("ws://localhost:8880/echo");

- log("Fail");

-} catch(e) {

- log("Pass");

+ assert_equals(ws.readyState, WebSocket.CLOSED);

+ assert_equals(e.violatedDirective, "connect-src");

+ eventsSeen++;

+ if (eventsSeen == 2)

+ t.done();

+ }));

+ }, "WebSocket should fire onerror.");

foolip 2016/10/27 13:59:50 Maybe "error event"

Mike West 2016/10/27 14:18:24 Sure!

</script>

-</body>

-</html>