diff options
Diffstat (limited to 'testing/web-platform/tests/content-security-policy/securitypolicyviolation/style-sample.html')
-rw-r--r-- | testing/web-platform/tests/content-security-policy/securitypolicyviolation/style-sample.html | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/securitypolicyviolation/style-sample.html b/testing/web-platform/tests/content-security-policy/securitypolicyviolation/style-sample.html new file mode 100644 index 0000000000..7eed52aac7 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/securitypolicyviolation/style-sample.html @@ -0,0 +1,39 @@ +<!doctype html> +<meta http-equiv="Content-Security-Policy" content="style-src 'nonce-abc' 'report-sample'"> +<script nonce="abc" src="/resources/testharness.js"></script> +<script nonce="abc" src="/resources/testharnessreport.js"></script> +<body> +<script nonce="abc"> + function waitForViolation(el) { + return new Promise(resolve => { + el.addEventListener('securitypolicyviolation', e => resolve(e)); + }); + } + + async_test(t => { + var s = document.createElement('style'); + s.innerText = "p { omg: yay !important; }"; + + waitForViolation(s) + .then(t.step_func_done(e => { + assert_equals(e.blockedURI, "inline"); + assert_equals(e.sample, "p { omg: yay !important; }"); + })); + + document.head.append(s); + }, "Inline style blocks should have a sample."); + + async_test(t => { + var p = document.createElement('p'); + p.setAttribute("style", "omg: yay !important;"); + p.innerText = "Yay!"; + + waitForViolation(p) + .then(t.step_func_done(e => { + assert_equals(e.blockedURI, "inline"); + assert_equals(e.sample, "omg: yay !important;"); + })); + + document.head.append(p); + }, "Inline style attributes should have a sample."); +</script> |