Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(710)

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/workers/dedicated-eval.html

Issue 2540983003: CSP: Dedicated workers always inherit policy. (Closed)
Patch Set: Rebase. Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/workers/dedicated-eval.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/workers/dedicated-eval.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/workers/dedicated-eval.html
new file mode 100644
index 0000000000000000000000000000000000000000..d48e25abaf172ac7e625ce52f8cc3d02c74b4a37
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/workers/dedicated-eval.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<meta http-equiv="content-security-policy" content="script-src 'self' 'nonce-a' blob: filesystem:">
+<script nonce="a">
+ // The filesystem test takes some nesting to setup:
+ setup({explicit_done: true});
+
+ // External URLs inherit policy.
+ fetch_tests_from_worker(new Worker("/security/contentSecurityPolicy/workers/resources/script-src-self.js"));
+
+ fetch("/security/contentSecurityPolicy/workers/resources/script-src-self.js")
+ .then(r => r.blob())
+ .then(b => {
+ // 'blob:' URLs inherit policy.
+ var u = URL.createObjectURL(b);
+ fetch_tests_from_worker(new Worker(u));
+
+ // 'filesystem:' URLs inherit policy.
+ window.webkitRequestFileSystem(window.TEMPORARY, 1024*1024, fs => {
+ fs.root.getFile('worker.js', { create: true }, entry => {
+ entry.createWriter(w => {
+ w.onwriteend = _ => {
+ var u = entry.toURL();
+ fetch_tests_from_worker(new Worker(u));
+
+ // explicit_done: yay.
+ done();
+ };
+ w.onerror = _ => {assert_unreached() };
+ w.write(b);
+ });
+ });
+ });
+ });
+</script>

Powered by Google App Engine
This is Rietveld 408576698