connect-src-json-import-blocked.sub.html (837B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <title>connect-src-json-import-blocked</title> 5 <meta 6 http-equiv="Content-Security-Policy" 7 content="connect-src 'none'; script-src 'self' 'unsafe-inline';" 8 /> 9 <script src="/resources/testharness.js"></script> 10 <script src="/resources/testharnessreport.js"></script> 11 </head> 12 13 <body> 14 <script> 15 promise_test((t) => { 16 let check_spv = new Promise((resolve) => { 17 window.addEventListener("securitypolicyviolation", (e) => { 18 if (e.blockedURI.endsWith("dummy.json")) { 19 resolve(); 20 } 21 }); 22 }); 23 24 return Promise.all([ 25 promise_rejects_js(t, TypeError, import("/common/dummy.json", { with: { type: "json" } })), 26 check_spv, 27 ]); 28 }); 29 </script> 30 </body> 31 </html>