csp-allowed.https.html (1640B)
1 <!DOCTYPE html> 2 <title>Test opaque fenced frame navigations with allowed CSP</title> 3 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharnessreport.js"></script> 5 <script src="/common/utils.js"></script> 6 <script src="resources/utils.js"></script> 7 <script src="/common/dispatcher/dispatcher.js"></script> 8 9 <body> 10 <script> 11 const allowedCSPs = [ 12 "*", 13 "https:", 14 "https://*:*" 15 ]; 16 allowedCSPs.forEach((csp) => { 17 for (const resolve_to_config of [true, false]) { 18 promise_test(async() => { 19 const iframe = setupCSP(csp); 20 const key = token(); 21 22 await iframe.execute(async (key, resolve_to_config) => { 23 window.addEventListener('securitypolicyviolation', function(e) { 24 // Write to the server even though the listener is in the same file in 25 // the test below. 26 writeValueToServer(key, e.violatedDirective + ";" + e.blockedURI); 27 }, {once: true}); 28 29 attachFencedFrame(await runSelectURL( 30 "/fenced-frame/resources/embeddee.html", [key], resolve_to_config)); 31 }, [key, resolve_to_config]); 32 33 const result = await nextValueFromServer(key); 34 assert_equals(result, "PASS", 35 "The fenced frame should load for CSP fenced-frame-src " + csp); 36 }, "Fenced frame loaded for CSP fenced-frame-src " + csp + " using " + 37 (resolve_to_config ? "config" : "urn:uuid")); 38 39 } 40 promise_test(async() => { 41 const iframe = setupCSP(csp); 42 await iframe.execute(() => { 43 assert_true(navigator.canLoadAdAuctionFencedFrame()); 44 }); 45 }, "Opaque-ads can load API returns true for " + csp); 46 }); 47 </script> 48 </body>