Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(10)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html

Issue 2711913003: Upstream Blink's 'securitypolicyviolation' tests. (Closed)
Patch Set: MANIFEST Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/inside-shared-worker.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image.sub.html » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html
diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html
new file mode 100644
index 0000000000000000000000000000000000000000..65311c32ad6e27a744764800e43d5ddb47160e97
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/content-security-policy/support/testharness-helper.js"></script>
+<meta http-equiv="Content-Security-Policy" content="img-src 'none'">
+<body>
+<script>
+ async_test(t => {
+ waitUntilEvent(window, "securitypolicyviolation")
+ .then(t.step_func_done(e => {
+ assert_equals(e.documentURI, document.location.toString());
+ assert_equals(e.referrer, document.referrer);
+ assert_equals(e.blockedURI, "http://{{domains[www]}}:{{ports[http][0]}}/content-security-policy/support/fail.png");
+ assert_equals(e.violatedDirective, "img-src");
+ assert_equals(e.effectiveDirective, "img-src");
+ assert_equals(e.originalPolicy, "img-src \'none\'");
+ assert_equals(e.disposition, "enforce");
+ assert_equals(e.sourceFile, "");
+ assert_equals(e.lineNumber, 0);
+ assert_equals(e.columnNumber, 0);
+ assert_equals(e.statusCode, 200);
+ }));
+
+ var s = document.createElement("script");
+ s.src = "{{location[scheme]}}://{{domains[www2]}}:{{location[port]}}/content-security-policy/support/inject-image.sub.js";
+ document.body.appendChild(s);
+ }, "Non-redirected cross-origin URLs are not stripped.");
+</script>
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/inside-shared-worker.html ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image.sub.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698