dom/security/test/csp/file_websocket_explicit.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

<!DOCTYPE HTML>
<html>
<head>
  <meta charset="utf-8">
  <title>Bug 1345615: Allow websocket schemes when using 'self' in CSP</title>
  <meta http-equiv="Content-Security-Policy" content="connect-src ws:">
</head>
<body>
  <script type="application/javascript">
    /* load socket using ws */
    var wsSocket = new WebSocket("ws://example.com/tests/dom/security/test/csp/file_websocket_self");
    wsSocket.onopen = function(e) {
      window.parent.postMessage({result: "explicit-ws-loaded"}, "*");
      wsSocket.close();
    };
    wsSocket.onerror = function(e) {
      window.parent.postMessage({result: "explicit-ws-blocked"}, "*");
    };

    /* load socket using wss */
    var wssSocket = new WebSocket("wss://example.com/tests/dom/security/test/csp/file_websocket_self");
    wssSocket.onopen = function(e) {
      window.parent.postMessage({result: "explicit-wss-loaded"}, "*");
      wssSocket.close();
    };
    wssSocket.onerror = function(e) {
      window.parent.postMessage({result: "explicit-wss-blocked"}, "*");
    };
  </script>
</body>
</html>