Adding upstream version 110.0.1.upstream/110.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 20 insertions, 0 deletions

diff --git a/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js
new file mode 100644
index 0000000000..2939595c13
--- /dev/null
+++ b/testing/web-platform/tests/background-fetch/content-security-policy.https.window.js
@@ -0,0 +1,20 @@
+// META: script=/service-workers/service-worker/resources/test-helpers.sub.js
+// META: script=resources/utils.js
+'use strict';
+
+// Tests that requests blocked by Content Security Policy are rejected.
+// https://w3c.github.io/webappsec-csp/#should-block-request
+
+// This is not a comprehensive test of Content Security Policy - it is just
+// intended to check that CSP checks are enabled.
+
+var meta = document.createElement('meta');
+meta.setAttribute('http-equiv', 'Content-Security-Policy');
+meta.setAttribute('content', "connect-src 'none'");
+document.head.appendChild(meta);
+
+backgroundFetchTest((t, bgFetch) => {
+  return promise_rejects_js(
+      t, TypeError,
+      bgFetch.fetch(uniqueId(), 'https://example.com'));
+}, 'fetch blocked by CSP should reject');