31 lines
837 B
HTML
31 lines
837 B
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>connect-src-json-import-blocked</title>
|
|
<meta
|
|
http-equiv="Content-Security-Policy"
|
|
content="connect-src 'none'; script-src 'self' 'unsafe-inline';"
|
|
/>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
</head>
|
|
|
|
<body>
|
|
<script>
|
|
promise_test((t) => {
|
|
let check_spv = new Promise((resolve) => {
|
|
window.addEventListener("securitypolicyviolation", (e) => {
|
|
if (e.blockedURI.endsWith("dummy.json")) {
|
|
resolve();
|
|
}
|
|
});
|
|
});
|
|
|
|
return Promise.all([
|
|
promise_rejects_js(t, TypeError, import("/common/dummy.json", { with: { type: "json" } })),
|
|
check_spv,
|
|
]);
|
|
});
|
|
</script>
|
|
</body>
|
|
</html>
|