diff options
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/prefetch-src/prefetch-blocked-by-default.html')
| -rw-r--r-- | testing/web-platform/tests/content-security-policy/prefetch-src/prefetch-blocked-by-default.html | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/prefetch-src/prefetch-blocked-by-default.html b/testing/web-platform/tests/content-security-policy/prefetch-src/prefetch-blocked-by-default.html new file mode 100644 index 0000000000..0e54de66de --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/prefetch-src/prefetch-blocked-by-default.html @@ -0,0 +1,25 @@ +<!DOCTYPE html> +<html> +<head> + <!-- Block everything by default, but allow the page's scripts to execute. --> + <meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'unsafe-inline' 'self'"> + + <script src='/resources/testharness.js'></script> + <script src='/resources/testharnessreport.js'></script> + <script src='/content-security-policy/support/testharness-helper.js'></script> + <script src='/content-security-policy/support/prefetch-helper.js'></script> + <script> + async_test(t => { + let url = window.origin + '/content-security-policy/support/fail.png'; + + let link = document.createElement('link'); + link.rel = 'prefetch'; + link.href = url; + + assert_link_does_not_prefetch(t, link); + }, "`default-src`-blocked prefetch generates report."); + </script> +</head> +<body> +</body> +</html> |