diff options
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html')
| -rw-r--r-- | testing/web-platform/tests/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html b/testing/web-platform/tests/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html new file mode 100644 index 0000000000..3b54528d56 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html @@ -0,0 +1,23 @@ +<!DOCTYPE html> +<html> + +<head> + <script nonce="abc" src="/resources/testharness.js"></script> + <script nonce="abc" src="/resources/testharnessreport.js"></script> +</head> + +<!-- This tests that navigating a main window to a local scheme preserves the current CSP. + We need to test this in a main window with no parent/opener so we use + a link with target=_blank and rel=noopener. --> +<body> + <script> + const a = document.createElement("a") + a.href = "support/navigate-self-to-blob.html?csp=script-src%20%27nonce-abc%27&report_id={{$id:uuid()}}"; + a.target = "_blank" + a.rel = "noopener" + a.click() + </script> + <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=script-src%20%27nonce-abc%27&reportID={{$id}}'></script> +</body> + +</html> |