Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 23 insertions, 0 deletions

diff --git a/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js
new file mode 100644
index 0000000000..0b12185c5b
--- /dev/null
+++ b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js
@@ -0,0 +1,23 @@
+// META: script=/service-workers/service-worker/resources/test-helpers.sub.js
+// META: script=resources/utils.js
+'use strict';
+
+// Tests that requests blocked by Content Security Policy are rejected.
+// https://w3c.github.io/webappsec-csp/#should-block-request
+
+// This is not a comprehensive test of Content Security Policy - it is just
+// intended to check that CSP checks are enabled.
+
+var meta = document.createElement('meta');
+meta.setAttribute('http-equiv', 'Content-Security-Policy');
+meta.setAttribute('content', "connect-src 'none'");
+document.head.appendChild(meta);
+
+backgroundFetchTest(async (t, bgFetch) => {
+  const fetch = await bgFetch.fetch(uniqueId(), '/');
+
+  const record = await fetch.match('/');
+  return promise_rejects_js(
+      t, TypeError,
+      record.responseReady);
+}, 'fetch blocked by CSP should reject');