Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html |
diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..0c518d6c73e366ee2c0bdc060d12ad265a55e74d |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html |
@@ -0,0 +1,61 @@ |
+<!DOCTYPE html> |
+<meta http-equiv="Content-Security-Policy" content="connect-src 'self'"> |
+<script src="/resources/testharness.js"></script> |
+<script src="/resources/testharnessreport.js"></script> |
+<script> |
+ async_test(t => { |
+ var errorEvent = false; |
+ var cspEvent = false; |
+ |
+ var es = new EventSource("http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt"); |
+ es.onerror = t.step_func(e => { |
+ assert_equals(es.readyState, EventSource.CLOSED); |
+ |
+ assert_false(errorEvent); |
+ errorEvent = true; |
+ if (cspEvent) |
+ t.done(); |
+ }); |
+ |
+ document.addEventListener("securitypolicyviolation", t.step_func(e => { |
+ if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt") |
+ return; |
+ |
+ assert_equals(es.readyState, EventSource.CLOSED); |
+ assert_equals(e.violatedDirective, "connect-src"); |
+ |
+ assert_false(cspEvent); |
+ cspEvent = true; |
+ if (errorEvent) |
+ t.done(); |
+ })); |
+ }, "EventSource should fire onerror."); |
+ |
+ async_test(t => { |
+ var errorEvent = false; |
+ var cspEvent = false; |
+ |
+ var es = new EventSource("/common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt"); |
+ es.onerror = t.step_func(e => { |
+ assert_equals(es.readyState, EventSource.CLOSED); |
+ |
+ assert_false(errorEvent); |
+ errorEvent = true; |
+ if (cspEvent) |
+ t.done(); |
+ }); |
+ |
+ document.addEventListener("securitypolicyviolation", t.step_func(e => { |
+ if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}") |
+ return; |
+ |
+ assert_equals(es.readyState, EventSource.CLOSED); |
+ assert_equals(e.violatedDirective, "connect-src"); |
+ |
+ assert_false(cspEvent); |
+ cspEvent = true; |
+ if (errorEvent) |
+ t.done(); |
+ })); |
+ }, "EventSource should fire onerror after a redirect."); |
+</script> |