test_fetch_csp_block.html (1213B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <meta charset="utf-8"> 5 <title>Test fetch() rejects when CSP blocks</title> 6 <script src="/tests/SimpleTest/SimpleTest.js"></script> 7 <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> 8 </head> 9 <body> 10 <script type="application/javascript"> 11 SimpleTest.waitForExplicitFinish(); 12 13 function withFrame(url) { 14 return new Promise(resolve => { 15 let frame = document.createElement('iframe'); 16 frame.addEventListener('load', _ => { 17 resolve(frame); 18 }, { once: true }); 19 frame.src = url; 20 document.body.appendChild(frame); 21 }); 22 } 23 24 function asyncTest(frame) { 25 return new Promise((resolve, reject) => { 26 addEventListener('message', evt => { 27 if (evt.data === 'REJECTED') { 28 resolve(); 29 } else { 30 reject(); 31 } 32 }, { once: true }); 33 frame.contentWindow.postMessage('GO', '*'); 34 }); 35 } 36 37 withFrame('file_fetch_csp_block_frame.html').then(frame => { 38 asyncTest(frame).then(_ => { 39 ok(true, 'fetch rejected correctly'); 40 }).catch(e => { 41 ok(false, 'fetch resolved when it should have been CSP blocked'); 42 }).then(_ => { 43 frame.remove(); 44 SimpleTest.finish(); 45 }); 46 }); 47 48 </script> 49 </body> 50 </html>