nosniff.sub.any.js (1132B)
1 // META: script=/fetch/orb/resources/utils.js 2 3 const path = "http://{{domains[www1]}}:{{ports[http][0]}}/fetch/orb/resources"; 4 5 expected_block( 6 `${path}/text.txt`, 7 (orb_test, message) => 8 promise_test( 9 t => orb_test(t, contentType("text/plain"), contentTypeOptions("nosniff")), 10 message("ORB should block opaque text/plain with nosniff"))); 11 12 expected_block( 13 `${path}/data.json`, 14 (orb_test, message) => 15 promise_test( 16 t => orb_test(t, contentType("application/json"), contentTypeOptions("nosniff")), 17 message("ORB should block opaque-response-blocklisted MIME type with nosniff"))); 18 19 expected_block( 20 `${path}/data.json`, 21 (orb_test, message) => 22 promise_test( 23 t => orb_test(t, contentTypeOptions("nosniff")), 24 message("ORB should block opaque response with empty Content-Type and nosniff"))); 25 26 expected_allow( 27 `${path}/image.png`, 28 (orb_test, message) => 29 promise_test( 30 t => orb_test(t, contentType(""), contentType("text/javascript")), 31 message("ORB shouldn't block opaque image with empty Content-Type and nosniff")), 32 { skip: ["audio", "video", "script"] });