blob: da12f3d042655d334452f85c1d232046f1b7f409 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
<!DOCTYPE html>
<title>
Request's destination must be "webbundle" with the script-based API
</title>
<link
rel="help"
href="https://github.com/WICG/webpackage/blob/main/explainers/subresource-loading.md"
/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../resources/test-helpers.js"></script>
<body>
<script>
setup(() => {
assert_true(HTMLScriptElement.supports("webbundle"));
});
// check-sec-fetch-dest-header-and-return-bundle.py returns a valid format
// bundle only if a 'Sec-Fetch-Dest: webbundle' header is present in a request.
// Otherwise, returns an empty body with 400 status code.
//
// In this wpt, we assume that a <script> element fires a load event correctly if
// a valid format webbundle is returned.
const same_origin_bundle =
"../resources/check-sec-fetch-dest-header-and-return-bundle.py";
const cross_origin_bundle =
"https://{{domains[www1]}}:{{ports[https][0]}}/web-bundle/resources/check-sec-fetch-dest-header-and-return-bundle.py";
promise_test(async () => {
for (const bundle of [same_origin_bundle, cross_origin_bundle]) {
const element = createWebBundleElement(bundle, /*resources=*/ []);
await addElementAndWaitForLoad(element);
element.remove();
}
}, '"Sec-Fetch-Dest: webbundle" header must be present in a request for a bundle'
+ " with <script type=webbundle>.");
promise_test(async () => {
const res = await fetch(same_origin_bundle);
assert_false(res.ok);
}, '"Sec-Fetch-Dest: webbundle" header must not be present in a fetch request' + " for a same-origin resource.");
promise_test(async () => {
const res = await fetch(cross_origin_bundle);
assert_false(res.ok);
}, '"Sec-Fetch-Dest: webbundle" header must not be present in a fetch request' + " for a cross-origin resource.");
</script>
</body>
|