third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-src/dedicated-fallback.html - Issue 2533313002: CSP: Move 'worker-src' onto 'script-src'

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-src/dedicated-fallback.html

Issue 2533313002: CSP: Move 'worker-src' onto 'script-src' (Closed)

Patch Set: Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-src/dedicated-child.html ('k') | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/worker-src/service-child.html » ('j') | third_party/WebKit/Source/core/frame/csp/CSPDirectiveList.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 <!DOCTYPE html>	1 <!DOCTYPE html>

2 <script src="/resources/testharness.js"></script>	2 <script src="http://example.test:8000/resources/testharness.js"></script>

3 <script src="/resources/testharnessreport.js"></script>	3 <script src="http://example.test:8000/resources/testharnessreport.js"></script>

4 <script src="../resources/testharness-helper.js"></script>	4 <script src="http://example.test:8000/security/contentSecurityPolicy/resources/t estharness-helper.js"></script>

5 <meta http-equiv="Content-Security-Policy" content="worker-src http://127.0.0.1: 8000 blob:; child-src 'none'">	5 <meta http-equiv="Content-Security-Policy" content="worker-src http://127.0.0.1: 8000 blob:; script-src 'unsafe-inline' 'http://example.test:8000'">
	estark 2016/11/29 22:01:16 No quotes around the URL No quotes around the URL Mike West 2016/11/30 12:34:30 And that explains why the test is failing... Good Show quoted text On 2016/11/29 at 22:01:16, estark wrote: > No quotes around the URL And that explains why the test is failing... Good eye!
6 <script>	6 <script>

7 var url = new URL("/security/contentSecurityPolicy/resources/ping.js", documen t.baseURI).toString();	7 var url = new URL("/security/contentSecurityPolicy/resources/ping.js", documen t.baseURI).toString();

8 assert_worker_is_loaded(url, "Same-origin dedicated worker allowed by host-sou rce expression.");	8 assert_worker_is_loaded(url, "Same-origin dedicated worker allowed by host-sou rce expression.");

9	9

10 var b = new Blob(["postMessage('ping');"], {type: "text/javascript"});	10 var b = new Blob(["postMessage('ping');"], {type: "text/javascript"});

11 var url = URL.createObjectURL(b);	11 var url = URL.createObjectURL(b);

12 assert_worker_is_loaded(url, "blob: dedicated worker allowed by 'blob:'.");	12 assert_worker_is_loaded(url, "blob: dedicated worker allowed by 'blob:'.");

13 </script>	13 </script>

OLD	NEW