[ tor-browser ].git.dasho

content-security-policy.https.window.js (838B)

      1 // META: script=/service-workers/service-worker/resources/test-helpers.sub.js
      2 // META: script=resources/utils.js
      3 'use strict';
      4 
      5 // Tests that requests blocked by Content Security Policy are rejected.
      6 // https://w3c.github.io/webappsec-csp/#should-block-request
      7 
      8 // This is not a comprehensive test of Content Security Policy - it is just
      9 // intended to check that CSP checks are enabled.
     10 
     11 var meta = document.createElement('meta');
     12 meta.setAttribute('http-equiv', 'Content-Security-Policy');
     13 meta.setAttribute('content', "connect-src 'none'");
     14 document.head.appendChild(meta);
     15 
     16 backgroundFetchTest(async (t, bgFetch) => {
     17  const fetch = await bgFetch.fetch(uniqueId(), '/');
     18 
     19  const record = await fetch.match('/');
     20  return promise_rejects_js(
     21      t, TypeError,
     22      record.responseReady);
     23 }, 'fetch blocked by CSP should reject');

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE