file_websocket_explicit.html (1100B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <meta charset="utf-8"> 5 <title>Bug 1345615: Allow websocket schemes when using 'self' in CSP</title> 6 <meta http-equiv="Content-Security-Policy" content="connect-src ws:"> 7 </head> 8 <body> 9 <script type="application/javascript"> 10 /* load socket using ws */ 11 var wsSocket = new WebSocket("ws://example.com/tests/dom/security/test/csp/file_websocket_self"); 12 wsSocket.onopen = function(e) { 13 window.parent.postMessage({result: "explicit-ws-loaded"}, "*"); 14 wsSocket.close(); 15 }; 16 wsSocket.onerror = function(e) { 17 window.parent.postMessage({result: "explicit-ws-blocked"}, "*"); 18 }; 19 20 /* load socket using wss */ 21 var wssSocket = new WebSocket("wss://example.com/tests/dom/security/test/csp/file_websocket_self"); 22 wssSocket.onopen = function(e) { 23 window.parent.postMessage({result: "explicit-wss-loaded"}, "*"); 24 wssSocket.close(); 25 }; 26 wssSocket.onerror = function(e) { 27 window.parent.postMessage({result: "explicit-wss-blocked"}, "*"); 28 }; 29 </script> 30 </body> 31 </html>