source-phase-blocked-by-csp.tentative.html (895B)
1 <!doctype html> 2 <title>Source phase imports blocked by CSP</title> 3 <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline';"> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <script> 7 setup({allow_uncaught_exception: true}); 8 9 const test_load = async_test( 10 "Importing a WebAssembly module should be guarded by script-src CSP."); 11 12 window.violationCount = 0; 13 document.addEventListener("securitypolicyviolation", (e) => { 14 test_load.step(() => { 15 assert_equals("script-src-elem", e.violatedDirective); 16 }); 17 if (++violationCount == 2) { 18 test_load.done(); 19 } 20 }); 21 </script> 22 <script type=module src="./resources/cross-origin-wasm-static-source-phase-import.sub.js"></script> 23 <script type=module src="./resources/cross-origin-wasm-dynamic-source-phase-import.sub.js"></script>