third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html - Issue 2456013002: CSP: 'connect-src' should not cause exceptions.

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html

Issue 2456013002: CSP: 'connect-src' should not cause exceptions. (Closed)

Patch Set: Ugh. Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('j') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/inside-worker/dedicated-inheritance.html » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html

diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html

new file mode 100644

index 0000000000000000000000000000000000000000..3e8f66c1a13d826c66172344d80116d50569cb6a

--- /dev/null

+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html

@@ -0,0 +1,69 @@

+<!DOCTYPE html>

+<meta http-equiv="Content-Security-Policy" content="connect-src 'self'">

+<script src="/resources/testharness.js"></script>

+<script src="/resources/testharnessreport.js"></script>

+<script>

+ async_test(t => {

+ var errorEvent = false;

+ var cspEvent = false;

+ var xhr = new XMLHttpRequest;

+ xhr.open("GET", "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");

+ xhr.onload = t.unreached_func("Load should not fire.");

+ xhr.onerror = t.step_func(e => {

+ assert_equals(xhr.readyState, XMLHttpRequest.DONE);

+ assert_false(errorEvent);

+ errorEvent = true;

+ if (cspEvent)

+ t.done();

+ });

+ document.addEventListener("securitypolicyviolation", t.step_func(e => {

+ if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt")

+ return;

+ assert_equals(xhr.readyState, XMLHttpRequest.DONE);

+ assert_equals(e.violatedDirective, "connect-src");

+ assert_false(cspEvent);

+ cspEvent = true;

+ if (errorEvent)

+ t.done();

+ }));

+ xhr.send();

+ }, "XHR should fire onerror.");

+ async_test(t => {

+ var errorEvent = false;

+ var cspEvent = false;

+ var xhr = new XMLHttpRequest;

+ xhr.open("GET", "/common/redirect-opt-in.py?status=307&location=http://{{domains[www]}}:{{ports[http][0]}}/common/text-plain.txt");

+ xhr.onload = t.unreached_func("Load should not fire.");

+ xhr.onerror = t.step_func(e => {

+ assert_equals(xhr.readyState, XMLHttpRequest.DONE);

+ assert_false(errorEvent);

+ errorEvent = true;

+ if (cspEvent)

+ t.done();

+ });

+ document.addEventListener("securitypolicyviolation", t.step_func(e => {

+ if (e.blockedURI != "http://{{domains[www]}}:{{ports[http][0]}}")

+ return;

+ assert_equals(xhr.readyState, XMLHttpRequest.DONE);

+ assert_equals(e.violatedDirective, "connect-src");

+ assert_false(cspEvent);

+ cspEvent = true;

+ if (errorEvent)

+ t.done();

+ }));

+ xhr.send();

+ }, "XHR should fire onerror after a redirect.");

+</script>