child-src-allowed.sub.html (2018B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <title>child-src-allowed</title> 6 <meta http-equiv="Content-Security-Policy" content="child-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';"> 7 <script src="/resources/testharness.js"></script> 8 <script src="/resources/testharnessreport.js"></script> 9 <script src='../support/logTest.sub.js?logs=["PASS IFrame %231 generated a load event."]'></script> 10 <script> 11 window.addEventListener("message", function(event) { 12 alert_assert(event.data); 13 }, false); 14 15 window.addEventListener("securitypolicyviolation", function(e) { 16 alert_assert("Fail"); 17 }); 18 19 var t_alert = async_test('Expecting alerts: ["PASS"]'); 20 var expected_alerts = ["PASS"]; 21 22 function alert_assert(msg) { 23 t_alert.step(function() { 24 if (msg.match(/^FAIL/i)) { 25 assert_unreached(msg); 26 t_alert.done(); 27 } 28 for (var i = 0; i < expected_alerts.length; i++) { 29 if (expected_alerts[i] == msg) { 30 assert_equals(expected_alerts[i], msg); 31 expected_alerts.splice(i, 1); 32 if (expected_alerts.length == 0) { 33 t_alert.done(); 34 } 35 return; 36 } 37 } 38 assert_unreached('unexpected alert: ' + msg); 39 t_alert.done(); 40 }); 41 } 42 43 </script> 44 <p> 45 This iframe should be allowed. 46 </p> 47 <script> 48 window.wasPostTestScriptParsed = true; 49 var loads = 0; 50 51 function loadEvent() { 52 loads++; 53 log("PASS " + "IFrame #" + loads + " generated a load event."); 54 } 55 56 </script> 57 </head> 58 59 <body> 60 <iframe src="/content-security-policy/support/postmessage-pass.html" onload="loadEvent()"></iframe> 61 <div id="log"></div> 62 </body> 63 64 </html>