media-src-7_2_2.sub.html (2120B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <title>Audio element src attribute must match src list - negative test</title> 5 <meta http-equiv="Content-Security-Policy" content="script-src * 'unsafe-inline'; media-src 'self';"> 6 <script src='/resources/testharness.js'></script> 7 <script src='/resources/testharnessreport.js'></script> 8 </head> 9 <body> 10 <h1>Audio element src attribute must match src list - negative test</h1> 11 <div id='log'></div> 12 13 <script> 14 var src_test = async_test("Disallaowed audio src"); 15 var source_test = async_test("Disallowed audio source element"); 16 var t_spv = async_test("Test that securitypolicyviolation events are fired"); 17 var test_count = 2; 18 window.addEventListener("securitypolicyviolation", t_spv.step_func(function(e) { 19 assert_equals(e.violatedDirective, "media-src"); 20 assert_equals(e.blockedURI, mediaURL); 21 if (--test_count <= 0) { 22 t_spv.done(); 23 } 24 })); 25 26 // we assume tests are run from 'hostname' and 'www.hostname' or 'www2.hostname' is a valid alias 27 var mediaURL = location.protocol + "//{{domains[www2]}}:{{ports[http][0]}}/media/sound_5.oga"; 28 29 function media_loaded(t) { 30 t.step( function () { 31 assert_unreached("Media error handler should be triggered for non-allowed domain."); 32 }); 33 t.done(); 34 } 35 36 function media_error_handler(t) { 37 t.done(); 38 } 39 </script> 40 41 <audio id="audioObject" width="320" height="240" controls 42 onloadeddata="media_loaded(source_test)"> 43 </audio> 44 <audio id="audioObject2" width="320" height="240" controls 45 onerror="media_error_handler(src_test)" 46 onloadeddata="media_loaded(src_test)"> 47 </audio> 48 <script> 49 let source = document.createElement("source"); 50 source.src = mediaURL; 51 source.type = "audio/webm"; 52 source.onerror = _ => { media_error_handler(source_test); } 53 document.getElementById("audioObject").appendChild(source); 54 document.getElementById("audioObject2").src = mediaURL; 55 </script> 56 57 </body> 58 </html>