csp-blocked-transparent.https.html (1302B)
1 <!DOCTYPE html> 2 <title>Test transparent fenced frame navigations with blocked CSP</title> 3 <script src="/resources/testharness.js"></script> 4 <script src="/resources/testharnessreport.js"></script> 5 <script src="/common/utils.js"></script> 6 <script src="resources/utils.js"></script> 7 <script src="/common/get-host-info.sub.js"></script> 8 <script src="/common/dispatcher/dispatcher.js"></script> 9 10 <body> 11 <script> 12 const blockedCSPs = [ 13 "none", 14 "https://localhost:80", 15 "https://*:80", 16 "https://localhost:*" 17 ]; 18 blockedCSPs.forEach((csp) => { 19 promise_test(async() => { 20 const iframe = setupCSP(csp); 21 const key = token(); 22 const url = generateURL("/fenced-frame/resources/embeddee.html", [key]); 23 24 await iframe.execute(async (key, url, csp) => { 25 let promise = new Promise((resolve) => { 26 window.addEventListener('securitypolicyviolation', function(e) { 27 resolve(e.violatedDirective + ";" + e.blockedURI); 28 }, {once: true}); 29 }); 30 31 attachFencedFrame(url); 32 33 await promise.then((result) => { 34 assert_equals(result, "fenced-frame-src;" + url, 35 "The fenced frame should not load for CSP fenced-frame-src " + csp); 36 }); 37 }, [key, url, csp]); 38 }, "Fenced frame loaded for CSP fenced-frame-src " + csp); 39 }); 40 </script> 41 </body>