third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html - Issue 2746333004: Revert of CSP: New test with form-action and a redirect into a new window.

Unified Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html

Issue 2746333004: Revert of CSP: New test with form-action and a redirect into a new window. (Closed)

Patch Set: Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window-expected.txt » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html

diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html

deleted file mode 100644

index be343afafdad45b74e46d946a79956c33a516331..0000000000000000000000000000000000000000

--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/form-action-src-redirect-blocked-in-new-window.html

+++ /dev/null

@@ -1,60 +0,0 @@

-<!DOCTYPE html>

-<!--

- TODO(mkwst, arthursonzogni). This test fails. See https://crbug.com/700964

--->

-<html>

-<head>

- <script src="/resources/testharness.js"></script>

- <script src="/resources/testharnessreport.js"></script>

- <meta http-equiv="Content-Security-Policy" content="form-action 127.0.0.1:8000">

-</head>

-<body>

- <form

- action="/resources/redirection-response.php?host=localhost:8000&status=302&target=/security/resources/post-done-to-opener.html"

- target="namedWindow"

- method="post">

- <input type='submit' id='submit'>

- </form>

- <script>

- async_test(t => {

- // #1 Open a new window with the name matching the form.target attribute

- // above.

- var namedWindow = window.open('http://localhost:8080/security/resources/empty.html', 'namedWindow')

- // #2 Wait the window to be loaded. It prevents the document url to still

- // be about:blank and to have inherited from its opener's CSP.

- setTimeout(function() {

- window.addEventListener('message', t.step_func(e => {

- if (e.source == namedWindow && e.data == "done")

- assert_unreached("The form submission wasn't blocked.");

- }));

- // The navigation should be blocked, either in the current window 1) or

- // in the new window 2).

- // 1) The navigation is blocked in the current window.

- window.addEventListener('securitypolicyviolation', t.step_func(e => {

- assert_equals(e.effectiveDirective, "form-action");

- assert_equals(e.blockedURI, "localhost:8000/resources/post-done-to-opener.html");

- namedWindow.close();

- t.done();

- }));

- // 2) The navigation is blocked in the new window.

- setTimeout(t.step_func(() => {

- assert_equals(namedWindow.location.href, "localhost:8000/security/resources/empty.html");

- namedWindow.close();

- t.done();

- }), 500);

- // #3 Make a form submission with a redirect. It should be blocked by

- // the form-action directive after the redirect.

- document.getElementById('submit').click();

- }, 500);

- }, "The form resubmission should be blocked after the redirect");

- </script>

-</body>

-</html>