Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(61)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/child-src/child-src-worker-allowed.sub.html

Issue 2803943007: Un-skipped wpt csp child-src tests (Closed)
Patch Set: Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/child-src/child-src-redirect-blocked.sub.html.sub.headers ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/child-src/child-src-worker-allowed.sub.html.sub.headers » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 3
4 <head> 4 <head>
5 <title>child-src-worker-allowed</title> 5 <title>child-src-worker-allowed</title>
6 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharness.js"></script>
7 <script src="/resources/testharnessreport.js"></script> 7 <script src="/resources/testharnessreport.js"></script>
8 <script src="../support/logTest.sub.js?logs=[]"></script> 8 <meta http-equiv="Content-Security-Policy" content="child-src 'self'; script -src 'unsafe-inline'; connect-src 'self';">
9 <script src='../support/alertAssert.sub.js?alerts=["PASS"]'></script>
10 <!-- enforcing policy:
11 child-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-inline'; connect-src 'self';
12 -->
13
14 </head> 9 </head>
15 10
16 <body> 11 <body>
12 <p> This test used to check the child-src csp controlling worker creation. T his behaviour has been deprecated but it's still supported
13 until the transition is done. This still tests that behaviour but we nee d to go through extra hoops to make sure 'script-src'
14 does not affect the result in any way (for instance by allowing 'self').
15 </p>
17 <script> 16 <script>
17 async_test(function(t) {
18 document.addEventListener("securitypolicyviolation", t.step_func(functio n(e) {
19 if (e.blockedURI != "{{location[scheme]}}://{{location[host]}}/content -security-policy/support/post-message.js")
20 return;
21
22 assert_unreached("Should not throw a securitypolicyviolation");
23 }));
24
18 try { 25 try {
19 var foo = new Worker('http://{{host}}:{{ports[http][0]}}/content-sec urity-policy/blink-contrib/resources/post-message.js'); 26 var foo = new Worker('{{location[scheme]}}://{{location[host]}}/cont ent-security-policy/support/post-message.js');
20 foo.onmessage = function(event) { 27 foo.onmessage = function(event) {
21 alert_assert("PASS"); 28 t.done();
22 }; 29 };
23 } catch (e) { 30 } catch (e) {
24 alert_assert(e); 31 assert_unreached("Should not throw exception");
25 } 32 }
26 33 }, "Worker is allowed because of deprecated 'child-src' directive");
27 </script> 34 </script>
28 <div id="log"></div> 35 <div id="log"></div>
29 <script async defer src="../support/checkReport.sub.js?reportExists=false">< /script>
30 </body> 36 </body>
31 37
32 </html> 38 </html>
OLDNEW
« no previous file with comments | « third_party/WebKit/LayoutTests/external/wpt/content-security-policy/child-src/child-src-redirect-blocked.sub.html.sub.headers ('k') | third_party/WebKit/LayoutTests/external/wpt/content-security-policy/child-src/child-src-worker-allowed.sub.html.sub.headers » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698