summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/content-security-policy/form-action/form-action-src-allowed-target-blank.sub.html
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--testing/web-platform/tests/content-security-policy/form-action/form-action-src-allowed-target-blank.sub.html33
1 files changed, 33 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/form-action/form-action-src-allowed-target-blank.sub.html b/testing/web-platform/tests/content-security-policy/form-action/form-action-src-allowed-target-blank.sub.html
new file mode 100644
index 0000000000..8727a82119
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/form-action/form-action-src-allowed-target-blank.sub.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>form-action-src-redirect-allowed-target-blank</title>
+ <meta http-equiv="Content-Security-Policy" content="form-action 'self'">
+ <script src="/resources/testharness.js"></script>
+ <script src="/resources/testharnessreport.js"></script>
+ <script>
+ function OnDocumentLoaded() {
+ let test = async_test("form submission targetting _blank allowed after a redirect");
+ window.addEventListener("message", function(event) {
+ if (event.data == "DocumentNotBlocked") {
+ event.source.close();
+ test.done();
+ }
+ });
+
+ let form = document.getElementById("form");
+ form.action =
+ "/content-security-policy/form-action/support/post-message-to-opener.sub.html";
+
+ let submit = document.getElementById("submit");
+ submit.click();
+ }
+ </script>
+</head>
+<body onload="OnDocumentLoaded();">
+ <form id="form" method="GET" target="_blank" rel="opener">
+ <input type="hidden" name="message" value="DocumentNotBlocked">
+ <input type="submit" id="submit">
+ </form>
+</body>
+</html>
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-06 00:15:17 +0000