| <!doctype html> |
| <meta charset=utf-8> |
| <meta http-equiv="Content-Security-Policy" content="font-src 'none'"> |
| <head> |
| <title>Test font does not load if it does not match font-src.</title> |
| <script src='/resources/testharness.js'></script> |
| <script src='/resources/testharnessreport.js'></script> |
| </head> |
| <body> |
| <div id="log"/> |
| <script> |
| async_test(function(t) { |
| var link = document.createElement('link'); |
| link.rel="stylesheet"; |
| link.type="text/css"; |
| link.href="/content-security-policy/support/fonts.css"; |
| // The stylesheet should stil load, even though the font contained does not |
| link.onerror = t.unreached_func("Should have loaded the stylesheet."); |
| document.addEventListener("securitypolicyviolation", t.step_func_done(function(e) { |
| assert_equals(e.violatedDirective, "font-src"); |
| })); |
| document.getElementsByTagName('head')[0].appendChild(link); |
| }, "Test font does not load if it does not match font-src."); |
| </script> |
| </body> |