diff options
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/navigate-to/parent-navigates-child-blocked.html')
-rw-r--r-- | testing/web-platform/tests/content-security-policy/navigate-to/parent-navigates-child-blocked.html | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/navigate-to/parent-navigates-child-blocked.html b/testing/web-platform/tests/content-security-policy/navigate-to/parent-navigates-child-blocked.html new file mode 100644 index 0000000000..c662da95fa --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/navigate-to/parent-navigates-child-blocked.html @@ -0,0 +1,28 @@ +<!DOCTYPE html> + +<head> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +</head> + +<body> +<script> + var t = async_test("Test that the parent can't navigate the child because the relevant policy belongs to the navigation initiator (in this case the parent, which has the policy `navigate-to support/wait_for_navigation.html;`)"); + window.onmessage = t.unreached_func("Should not have received a message as the navigation should not have been successful"); + window.addEventListener('securitypolicyviolation', t.step_func_done(function(e) { + assert_equals(e.violatedDirective, 'navigate-to'); + })); + + var i = document.createElement('iframe'); + var src_changed = false; + i.onload = function() { + if (src_changed) return; + src_changed = true; + i.src = "support/post_message_to_frame_owner.html"; + } + i.src = "support/wait_for_navigation.html?csp=navigate-to%20%27self%27"; + document.body.appendChild(i); +</script> + +<script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=navigate-to%20support%2Fwait_for_navigation.html'></script> +</body> |