Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(549)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/cascade/cross-origin-with-own-policy-window-open.html

Issue 2792213002: Prevent layout tests from being broken by data URL deprecation. (Closed)
Patch Set: Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/cascade/cross-origin-window-open.html ('k') | third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-can-navigate.html » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharness.js"></script>
5 <script src="/resources/testharnessreport.js"></script> 5 <script src="/resources/testharnessreport.js"></script>
6 <script src="/security/contentSecurityPolicy/resources/cascade-helper.js"></sc ript> 6 <script src="/security/contentSecurityPolicy/resources/cascade-helper.js"></sc ript>
7 <meta http-equiv="content-security-policy" content="img-src http://127.0.0.1:8 000 http://example.test:8000"> 7 <meta http-equiv="content-security-policy" content="img-src http://127.0.0.1:8 000 http://example.test:8000">
8 </head> 8 </head>
9 <body> 9 <body>
10 <script> 10 <script>
11 async_test(t => { 11 async_test(t => {
12 assert_allowed_image_in_document(t, document, "http://example.test:8000/reso urces/square.png?img-in-top-level"); 12 assert_allowed_image_in_document(t, document, "http://example.test:8000/reso urces/square.png?img-in-top-level");
13 }, "Image loaded in top-level blocked."); 13 }, "Image loaded in top-level blocked.");
14 14
15 async_test(t => { 15 async_test(t => {
16 window.addEventListener("message", t.step_func(e => { 16 window.addEventListener("message", t.step_func(e => {
17 assert_equals(e.data, "blocked"); 17 assert_equals(e.data, "blocked");
18 t.done(); 18 t.done();
19 })); 19 }));
20 20
21 window.open("data:text/html," + 21 var win = window.open("about:blank");
22 "<meta http-equiv='content-security-policy' content='img-src htt p://127.0.0.1:8000'>" + 22 win.document.write(
23 "<script>" + 23 "<meta http-equiv='content-security-policy'" +
24 " var i = document.createElement('img');" + 24 " content='img-src http://127.0.0.1:8000'>" +
25 " i.onload = _ => opener.postMessage('loaded', '*');" + 25 "<script>" +
26 " i.onerror = _ => opener.postMessage('blocked', '*');" + 26 " var i = document.createElement('img');" +
27 " i.src = 'http://example.test:8000/resources/square.png?data-f rame'" + 27 " i.onload = _ => opener.postMessage('loaded', '*');" +
28 "</scr" + "ipt>"); 28 " i.onerror = _ => opener.postMessage('blocked', '*');" +
29 " i.src = 'http://example.test:8000/resources/square.png?data-frame'" +
30 "</scr" + "ipt>");
29 }, "Image loaded via data: frame blocked."); 31 }, "Image loaded via data: frame blocked.");
30 </script> 32 </script>
31 </body> 33 </body>
32 </html> 34 </html>
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/cascade/cross-origin-window-open.html ('k') | third_party/WebKit/LayoutTests/http/tests/security/popup-allowed-by-sandbox-can-navigate.html » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698