From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- .../content-security-policy.https.window.js | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 testing/web-platform/tests/background-fetch/content-security-policy.https.window.js (limited to 'testing/web-platform/tests/background-fetch/content-security-policy.https.window.js') diff --git a/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js new file mode 100644 index 0000000000..0b12185c5b --- /dev/null +++ b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js @@ -0,0 +1,23 @@ +// META: script=/service-workers/service-worker/resources/test-helpers.sub.js +// META: script=resources/utils.js +'use strict'; + +// Tests that requests blocked by Content Security Policy are rejected. +// https://w3c.github.io/webappsec-csp/#should-block-request + +// This is not a comprehensive test of Content Security Policy - it is just +// intended to check that CSP checks are enabled. + +var meta = document.createElement('meta'); +meta.setAttribute('http-equiv', 'Content-Security-Policy'); +meta.setAttribute('content', "connect-src 'none'"); +document.head.appendChild(meta); + +backgroundFetchTest(async (t, bgFetch) => { + const fetch = await bgFetch.fetch(uniqueId(), '/'); + + const record = await fetch.match('/'); + return promise_rejects_js( + t, TypeError, + record.responseReady); +}, 'fetch blocked by CSP should reject'); -- cgit v1.2.3