Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(17)

Side by Side Diff: LayoutTests/http/tests/security/script-onerror-no-crossorigin-cors.html

Issue 47923008: Block execution of failed 'crossorigin' <script>s. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Rebased Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <head> 2 <head>
3 </head> 3 </head>
4 <body> 4 <body>
5 <script src="../../js-test-resources/js-test.js"></script> 5 <script src="/js-test-resources/js-test.js"></script>
6 <script> 6 <script>
7 window.jsTestIsAsync = true; 7 window.jsTestIsAsync = true;
8 description("The test passes if 'window.onerror' gets sanitized informat ion about an exception thrown in a script loaded without a 'crossorigin' attribu te, and delivered with valid CORS headers."); 8 description("The test passes if 'window.onerror' gets sanitized informat ion about an exception thrown in a script loaded without a 'crossorigin' attribu te, and delivered with valid CORS headers.");
9 9
10 window.onerror = function(msg, url, line, column, error) { 10 window.onerror = function(msg, url, line, column, error) {
11 window.msg = msg; 11 window.msg = msg;
12 window.url = url; 12 window.url = url;
13 window.line = line; 13 window.line = line;
14 window.column = column; 14 window.column = column;
15 window.errorObject = error; 15 window.errorObject = error;
16 shouldBeEqualToString("msg", "Script error."); 16 shouldBeEqualToString("msg", "Script error.");
17 shouldBeEqualToString("url", ""); 17 shouldBeEqualToString("url", "");
18 shouldBe("line", "0"); 18 shouldBe("line", "0");
19 shouldBe("column", "0"); 19 shouldBe("column", "0");
20 shouldBeNull("window.errorObject"); 20 shouldBeNull("window.errorObject");
21 finishJSTest(); 21 finishJSTest();
22 } 22 }
23 </script> 23 </script>
24 <script src="http://localhost:8000/security/resources/cors-script.php?fail=t rue&cors=true"></script> 24 <script src="http://localhost:8000/security/resources/cors-script.php?fail=t rue&cors=true"></script>
25 </body> 25 </body>
26 </html> 26 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698