| OLD | NEW |
|---|
| 1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
| 2 <html> | 2 <html> |
| 3 <head> | 3 <head> |
| 4 <script src="/resources/testharness.js"></script> | 4 <script src="/resources/testharness.js"></script> |
| 5 <script src="/resources/testharnessreport.js"></script> | 5 <script src="/resources/testharnessreport.js"></script> |
| 6 </head> | 6 </head> |
| 7 <body> | 7 <body> |
| 8 <script> | 8 <script> |
| 9 src = '../resources/get-embedding-csp-header.php'; | 9 src = '../resources/get-embedding-csp-header.php'; |
| 10 new_src = '../resources/get-embedding-csp-header-and-respond.php'; | 10 new_src = '../resources/get-embedding-csp-header-and-respond.php'; |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 42 | 42 |
| 43 document.body.appendChild(i); | 43 document.body.appendChild(i); |
| 44 }, "<iframe csp> sends an Embedding-CSP request header."); | 44 }, "<iframe csp> sends an Embedding-CSP request header."); |
| 45 | 45 |
| 46 async_test(t => { | 46 async_test(t => { |
| 47 var i = document.createElement('iframe'); | 47 var i = document.createElement('iframe'); |
| 48 i.csp = "script-src 'unsafe-inline'"; | 48 i.csp = "script-src 'unsafe-inline'"; |
| 49 i.src = src; | 49 i.src = src; |
| 50 document.body.appendChild(i); | 50 document.body.appendChild(i); |
| 51 | 51 |
| 52 i.contentWindow.location = new_src + "?csp=" + i.csp; | 52 i.onload = function() { |
| 53 window.addEventListener('message', t.step_func(e => { | 53 i.contentWindow.location = new_src + "?csp=" + i.csp; |
| 54 if (e.source != i.contentWindow || new_src != e.data['src']) | 54 window.addEventListener('message', t.step_func(e => { |
| 55 return; | 55 if (e.source != i.contentWindow || new_src != e.data['src']) |
| 56 assert_equals("script-src 'unsafe-inline'", e.data['embedding_csp']); | 56 return; |
| 57 t.done(); | 57 assert_equals("script-src 'unsafe-inline'", e.data['embedding_csp'])
; |
| 58 })); | 58 t.done(); |
| 59 })); |
| 60 } |
| 59 }, "Set Embedding-CSP Header on change of window's location."); | 61 }, "Set Embedding-CSP Header on change of window's location."); |
| 60 | 62 |
| 61 async_test(t => { | 63 async_test(t => { |
| 62 var i = document.createElement('iframe'); | 64 var i = document.createElement('iframe'); |
| 63 i.csp = "script-src 'unsafe-inline'"; | 65 i.csp = "script-src 'unsafe-inline'"; |
| 64 i.src = src; | 66 i.src = src; |
| 65 document.body.appendChild(i); | 67 document.body.appendChild(i); |
| 66 | 68 |
| 67 i.csp = "default-src 'unsafe-inline'"; | 69 i.csp = "default-src 'unsafe-inline'"; |
| 68 i.src = new_src + "?csp=" + i.csp; | 70 i.src = new_src + "?csp=" + i.csp; |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 105 i.src = new_redirect; | 107 i.src = new_redirect; |
| 106 window.addEventListener('message', t.step_func(e => { | 108 window.addEventListener('message', t.step_func(e => { |
| 107 if (e.source != i.contentWindow || new_src != e.data['src']) | 109 if (e.source != i.contentWindow || new_src != e.data['src']) |
| 108 return; | 110 return; |
| 109 assert_equals("default-src 'unsafe-inline'", e.data['embedding_csp']); | 111 assert_equals("default-src 'unsafe-inline'", e.data['embedding_csp']); |
| 110 t.done(); | 112 t.done(); |
| 111 })); | 113 })); |
| 112 }, "Set Embedding-CSP Header on change of csp attribte and redirect."); | 114 }, "Set Embedding-CSP Header on change of csp attribte and redirect."); |
| 113 </script> | 115 </script> |
| 114 </body> | 116 </body> |
| 115 </html> | 117 </html> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2694013005:
Cleanup blink-side PlzNavigate logic (Closed)
