response_block.tentative.https.html (1883B)
1 <!DOCTYPE html> 2 <script src="/resources/testharness.js"></script> 3 <script src="/resources/testharnessreport.js"></script> 4 <script src="/common/get-host-info.sub.js"></script> 5 <body> 6 <script> 7 // A cross-origin response containing JavaScript, labelled as text/csv. 8 const probeUrl = get_host_info().HTTPS_REMOTE_ORIGIN + 9 "/fetch/corb/resources/response_block_probe.js"; 10 11 // Test handling of blocked responses in CORB/ORB for <script> elements. 12 function probe_script() { 13 // We will cross-origin load a script resource that should get blocked by all 14 // versions of CORB/ORB. Two things may happen: 15 // 16 // 1, An empty response is injected. (What CORB does.) 17 // 2, An error is injected and script loading aborts. (What ORB does.) 18 19 // Load the probe as a script. 20 const script = document.createElement("script"); 21 script.src = probeUrl; 22 document.body.appendChild(script); 23 24 // Return a promise that will return a string description corresponding to the 25 // conditions above. 26 return new Promise((resolve, reject) => { 27 script.onload = _ => resolve("Resource loaded (expected for CORB)"); 28 script.onerror = _ => resolve("ORB-style network error"); 29 }); 30 } 31 32 // Test handling of blocked responses in CORB/ORB for script-initiated fetches. 33 function probe_fetch() { 34 return fetch(probeUrl, {mode: "no-cors"}) 35 .then(response => response.text()) 36 .then(text => { 37 assert_equals(text, ""); 38 return "Resource loaded (expected for CORB)"; 39 }) 40 .catch(_ => "ORB-style network error"); 41 } 42 43 // These tests check for ORB behaviour. 44 promise_test(t => probe_script().then( 45 value => assert_equals(value, "ORB-style network error")), 46 "ORB: Expect error response from <script> fetch."); 47 promise_test(t => probe_fetch().then( 48 value => assert_equals(value, "ORB-style network error")), 49 "ORB: Expect error response from fetch()."); 50 </script>