chromium/src/third_party/blink/web_tests/external/wpt/origin-policy/bad-server/bad-headers.https.html - manifest_repos/chromium_src - Git at Google

 <!DOCTYPE HTML>
 <meta charset="utf-8">
 <title>Origin-Policy malformed headers must cause network errors</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="../resources/origin-policy-test-runner.js"></script>

 <div id="log"></div>

 <script>
 "use strict";

 [
   ``,
   `latest`,
   `allowed, preferred`,
   `"1"`,
   `allowed="1"`,
   `allowed=latest`,
   `allowed=()`,
   `allowed=("")`,
   `allowed=("1" ?0)`,
   `allowed=("1" 42)`,
   `allowed=("1" 2.5)`,
   `allowed=("1" :cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==:)`,
   `preferred=("1")`,
   `preferred=latest`,
   `preferred=""`,
   `preferred=?0, allowed=(latest)`,
   `preferred=latest-from-network, allowed=("1" ?0)`,
   `preferred="", allowed=(latest)`,
   `preferred=latest-from-network, allowed=("1", "")`,
 ].forEach(runTest);

 function runTest(header) {
   async_test(t => {
     const iframe = document.createElement("iframe");
     iframe.src = "resources/subframe-with-bad-header.py?header=" + encodeURIComponent(header);

     iframe.onload = t.step_func_done(() => {
       // The loaded result must be cross-origin since it's a network error.
       // Accessing the document property of a cross-origin Window throws a
       // "SecurityError" DOMException.
       assert_throws_dom("SecurityError", () => iframe.contentWindow.document);
     });
     iframe.onerror = t.unreached_func("Iframe loads must not error");

     document.body.append(iframe);
   }, header);
 }
 </script>
	<!DOCTYPE HTML>
	<meta charset="utf-8">
	<title>Origin-Policy malformed headers must cause network errors</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<script src="../resources/origin-policy-test-runner.js"></script>

	<div id="log"></div>

	<script>
	"use strict";

	[
	``,
	`latest`,
	`allowed, preferred`,
	`"1"`,
	`allowed="1"`,
	`allowed=latest`,
	`allowed=()`,
	`allowed=("")`,
	`allowed=("1" ?0)`,
	`allowed=("1" 42)`,
	`allowed=("1" 2.5)`,
	`allowed=("1" :cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==:)`,
	`preferred=("1")`,
	`preferred=latest`,
	`preferred=""`,
	`preferred=?0, allowed=(latest)`,
	`preferred=latest-from-network, allowed=("1" ?0)`,
	`preferred="", allowed=(latest)`,
	`preferred=latest-from-network, allowed=("1", "")`,
	].forEach(runTest);

	function runTest(header) {
	async_test(t => {
	const iframe = document.createElement("iframe");
	iframe.src = "resources/subframe-with-bad-header.py?header=" + encodeURIComponent(header);

	iframe.onload = t.step_func_done(() => {
	// The loaded result must be cross-origin since it's a network error.
	// Accessing the document property of a cross-origin Window throws a
	// "SecurityError" DOMException.
	assert_throws_dom("SecurityError", () => iframe.contentWindow.document);
	});
	iframe.onerror = t.unreached_func("Iframe loads must not error");

	document.body.append(iframe);
	}, header);
	}
	</script>