connect-src-json-import-allowed.sub.html (919B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <title>connect-src-json-import-allowed</title> 5 <meta 6 http-equiv="Content-Security-Policy" 7 content="connect-src 'self'; script-src http://{{host}}:{{ports[http][0]}}/resources/testharness.js http://{{host}}:{{ports[http][0]}}/resources/testharnessreport.js 'unsafe-inline';" 8 /> 9 <script src="/resources/testharness.js"></script> 10 <script src="/resources/testharnessreport.js"></script> 11 </head> 12 13 <body> 14 <script> 15 promise_test(t => new Promise((resolve, reject) => { 16 window.addEventListener("securitypolicyviolation", (err) => { 17 if (err.blockedURI.endsWith("/common/dummy.json")) { 18 reject("Should not raise securitypolicyviolation."); 19 } 20 }); 21 import("/common/dummy.json", { with: { type: "json" } }).then(resolve, reject) 22 }), "import should be allowed"); 23 </script> 24 </body> 25 </html>