diff options
Diffstat (limited to 'testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html')
-rw-r--r-- | testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html b/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html new file mode 100644 index 0000000000..16a3d94fce --- /dev/null +++ b/testing/web-platform/tests/fenced-frame/csp-blocked-transparent.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<title>Test transparent fenced frame navigations with blocked CSP</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="/common/utils.js"></script> +<script src="resources/utils.js"></script> +<script src="/common/get-host-info.sub.js"></script> +<script src="/common/dispatcher/dispatcher.js"></script> + +<body> +<script> +const blockedCSPs = [ + "none", + "https://localhost:80", + "https://*:80", + "https://localhost:*" +]; +blockedCSPs.forEach((csp) => { + promise_test(async() => { + const iframe = setupCSP(csp); + const key = token(); + const url = generateURL("/fenced-frame/resources/embeddee.html", [key]); + + await iframe.execute(async (key, url, csp) => { + let promise = new Promise((resolve) => { + window.addEventListener('securitypolicyviolation', function(e) { + resolve(e.violatedDirective + ";" + e.blockedURI); + }, {once: true}); + }); + + attachFencedFrame(url); + + await promise.then((result) => { + assert_equals(result, "fenced-frame-src;" + url, + "The fenced frame should not load for CSP fenced-frame-src " + csp); + }); + }, [key, url, csp]); + }, "Fenced frame loaded for CSP fenced-frame-src " + csp); +}); +</script> +</body> |