serviceworker-connect-src.https.sub.html (1322B)
1 <!DOCTYPE html> 2 <script src="/resources/testharness.js"></script> 3 <script src="/resources/testharnessreport.js"></script> 4 <!-- Test the 'connect-src' directive on service workers --> 5 <meta http-equiv="content-security-policy" content="connect-src 'self'"> 6 <script> 7 [ // Service workers do not inherit CSP. 8 "./support/connect-src-allow.sub.js", 9 10 // Service workers honor CSP received in their response headers. 11 "./support/connect-src-self.sub.js?id={{$id1:uuid()}}" + 12 "&test-name=connect-src 'self'" + 13 "&pipe=sub|header(Content-Security-Policy," + 14 "connect-src 'self' ; report-uri " + 15 "/reporting/resources/report.py?op=put%26reportID={{$id1}})", 16 17 // Also test that connect-src falls back to default-src. 18 "./support/connect-src-self.sub.js?id={{$id2:uuid()}}" + 19 "&test-name=default-src 'self'" + 20 "&pipe=sub|header(Content-Security-Policy," + 21 "default-src 'self' ; report-uri " + 22 "/reporting/resources/report.py?op=put%26reportID={{$id2}})"] 23 .forEach(url => { 24 promise_test(async t => { 25 let r = await navigator.serviceWorker.register( 26 url, {scope: "./support/blank.html"}); 27 t.add_cleanup(_ => r.unregister()); 28 let sw = r.active || r.installing || r.waiting; 29 await fetch_tests_from_worker(sw); 30 }); 31 }); 32 </script>