[ tor-browser ].git.dasho

frame-src-same-document.sub.html (731B)

      1 <script src="/resources/testharness.js"></script>
      2 <script src="/resources/testharnessreport.js"></script>
      3 <html>
      4 <body></body>
      5 <script>
      6    let crossOriginUrl =
      7      "http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/frame-src/support/frame.html";
      8 
      9    promise_test(async test => {
     10      let iframe = document.createElement("iframe");
     11      document.body.appendChild(iframe);
     12 
     13      for(let hash of ["#0", "#1"]) {
     14        let violation = new Promise(resolve => {
     15          window.addEventListener('securitypolicyviolation', resolve);
     16        });
     17        iframe.src = crossOriginUrl + hash;
     18        await violation;
     19      }
     20    }, "Same-document navigation in an iframe blocked by CSP frame-src");
     21 </script>
     22 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE