blob: 4c771935415c362bf736c1ceb43e46d9c987b882 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
// META: script=/common/get-host-info.sub.js
// META: script=/common/utils.js
// META: script=/common/dispatcher/dispatcher.js
// Regression test for https://crbug.com/1262203
//
// A cross-origin document initiates a same-document navigation. This navigation
// is subject to CSP:frame-src 'none', but this doesn't apply, since it's a
// same-document navigation. This test checks this doesn't lead to a crash.
promise_test(async test => {
const child_token = token();
const child = new RemoteContext(child_token);
const iframe = document.createElement("iframe");
iframe.src = remoteExecutorUrl(child_token, {
host: get_host_info().REMOTE_HOST
});
document.body.appendChild(iframe);
// Install a promise waiting for a same-document navigation to happen in the
// child.
await child.execute_script(() => {
window.sameDocumentNavigation = new Promise(resolve => {
window.addEventListener("popstate", resolve);
});
});
// Append a new CSP, disallowing new iframe navigations.
const meta = document.createElement("meta");
meta.httpEquiv = "Content-Security-Policy";
meta.content = "frame-src 'none'";
document.head.appendChild(meta);
document.addEventListener(
"securitypolicyviolation",
test.unreached_func("same-document navigations aren't subject to CSP"));
// Create a same-document navigation, inititated cross-origin in the iframe.
// It must not be blocked by the CSP above.
iframe.src += "#foo";
// Make sure the navigation succeeded and was indeed a same-document one:
await child.execute_script(() => sameDocumentNavigation);
assert_equals(await child.execute_script(() => location.href), iframe.src);
})
|
