third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html - Issue 2704543002: Import wpt@3bd204d7e86fd81e98e63f4ce59b95d98bad1c54

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html

Issue 2704543002: Import wpt@3bd204d7e86fd81e98e63f4ce59b95d98bad1c54 (Closed)

Patch Set: Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-eval-blocked.sub.html.sub.headers ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html.sub.headers » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html

diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html

new file mode 100644

index 0000000000000000000000000000000000000000..b290b82f649435c9426a8bf84f409918590cd809

--- /dev/null

+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib/worker-from-guid.sub.html

@@ -0,0 +1,65 @@

+<!DOCTYPE html>

+<html>

+<head>

+

+ <title>worker-connect-src-blocked</title>

+ <script src="/resources/testharness.js"></script>

+ <script src="/resources/testharnessreport.js"></script>

+ <script src="../support/logTest.sub.js?logs=[]"></script>

+ <script src='../support/alertAssert.sub.js?alerts=["xhr blocked","TEST COMPLETE"]'></script>

+ <!-- enforcing policy:

+connect-src 'self'; script-src 'self' 'unsafe-inline' blob:;

+-->

+</head>

+<p>This test loads a worker, from a guid.

+ The worker should be blocked from making an XHR

+ to www1 as this resource's policy is connect-src 'self

+ and a guid Worker should inherit is parent's policy.

+ A report should be sent to the report-uri specified

+ with this resource.</p>

+<body>

+ <script>

+ try {

+ var blob = new Blob([

+ "var xhr = new XMLHttpRequest;" +

+ "xhr.onerror = function () {" +

+ " postMessage('xhr blocked');" +

+ " postMessage('TEST COMPLETE');" +

+ "};" +

+ "xhr.onload = function () {" +

+ " if (xhr.responseText == 'FAIL') {" +

+ " postMessage('xhr allowed');" +

+ " } else {" +

+ " postMessage('xhr blocked');" +

+ " }" +

+ " postMessage('TEST COMPLETE');" +

+ "};" +

+ "try { " +

+ " xhr.open(" +

+ " 'GET'," +

+ " 'http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.asis'," +

+ " true" +

+ " );" +

+ " xhr.send();" +

+ "} catch (e) {" +

+ " postMessage('xhr blocked');" +

+ " postMessage('TEST COMPLETE');" +

+ "}"],

+ {type : 'application/javascript'});

+ var url = URL.createObjectURL(blob);

+ var worker = new Worker(url);

+ worker.onmessage = function(event) {

+ alert_assert(event.data);

+ };

+ } catch (e) {

+ alert_assert(e);

+ }

+ </script>

+ <div id="log"></div>

+ <script async defer src="../support/checkReport.sub.js?reportExists=true&reportField=violated-directive&reportValue=connect-src%20'self'"></script>

+</body>

+</html>