Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..9f3de5f2ca470773c4e000f0f85642ccaa2b7e31 |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-get-blocked-with-redirect.html |
@@ -0,0 +1,31 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+<meta http-equiv="Content-Security-Policy" content="form-action 127.0.0.1:8000"> |
+<script> |
+ if (window.testRunner) { |
+ testRunner.dumpAsText(); |
+ testRunner.waitUntilDone(); |
+ testRunner.clearBackForwardList(); |
+ testRunner.dumpBackForwardList(); |
+ } |
+ window.addEventListener('load', function() { |
+ setTimeout(function () { |
+ testRunner.notifyDone(); |
+ }, 1000); |
+ document.getElementById('submit').click(); |
+ }); |
+</script> |
+</head> |
+<body> |
+ <form |
+ action="/resources/redirection-response.php?host=localhost:8000&status=302&target=/navigation/resources/form-target.pl" |
+ id='theform' |
+ method='post'> |
+ <input type='text' name='fieldname' value='fieldvalue'> |
+ <input type='submit' id='submit' value='submit'> |
+ </form> |
+ |
+ <p>Tests that blocking form actions works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.</p> |
alexmos
2017/03/16 23:05:36
nit: update description to mention redirects.
arthursonzogni
2017/03/17 14:58:25
Done.
|
+</body> |
+</html> |