35 lines
1.4 KiB
HTML
35 lines
1.4 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<script src="/resources/testharness.js"></script>
|
|
<script src="/resources/testharnessreport.js"></script>
|
|
<script src="/common/utils.js"></script>
|
|
<script src="/common/get-host-info.sub.js"></script>
|
|
<script src="/content-security-policy/support/testharness-helper.js"></script>
|
|
<script src="/content-security-policy/support/prefetch-helper.js"></script>
|
|
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'unsafe-inline'; img-src http://{{domains[www2]}}:{{ports[http][0]}}"/>
|
|
|
|
<script>
|
|
const { OTHER_ORIGIN, REMOTE_ORIGIN } = get_host_info();
|
|
|
|
promise_test(async (t) => {
|
|
const url = new URL("/common/dummy.xml", location.href);
|
|
assert_true(await try_to_prefetch(url, t));
|
|
}, "Prefetch should succeed when restricted by default-src but allowed by " +
|
|
"other directive");
|
|
|
|
promise_test(async (t) => {
|
|
const url = new URL("/common/dummy.xml", REMOTE_ORIGIN);
|
|
assert_false(await try_to_prefetch(url, t));
|
|
}, "Prefetch should fail when restricted by default-src and different " +
|
|
"origin allowed by other directive");
|
|
|
|
promise_test(async (t) => {
|
|
const url = new URL("/common/dummy.xml", OTHER_ORIGIN);
|
|
assert_true(await try_to_prefetch(url, t));
|
|
}, "Prefetch should succeed when restricted by default-src but origin " +
|
|
"allowed by other directive");
|
|
</script>
|
|
</head>
|
|
<body></body>
|
|
</html>
|