chromium/src/third_party/blink/web_tests/external/wpt/portals/csp/frame-src.sub.html - manifest_repos/chromium_src - Git at Google

 <!doctype html>
 <title>Tests that portals respect the frame-src</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <body>
 </body>
 <script>
   async_test(function(t) {
     assert_implements("HTMLPortalElement" in self);
     var w = window.open("resources/frame-src.sub.html?frame_src_policy=%27none%27");
     w.onload = function() {
       w.document.addEventListener("securitypolicyviolation",
         t.step_func_done(function(e) {
           assert_equals("frame-src", e.violatedDirective);
       }));
       var portal = w.document.createElement("portal");
       portal.src = new URL("/portals/resources/simple-portal.html", location.href);
       portal.onmessage = t.unreached_func("Portal should not load.");
       w.document.body.appendChild(portal);
     }
   }, "Tests that a portal can't be loaded when it violates frame-src");

   async_test(function(t) {
     assert_implements("HTMLPortalElement" in self);
     var w = window.open(`resources/frame-src.sub.html?frame_src_policy=http://{{hosts[][www]}}:{{ports[http][0]}}`);
     w.onload = function() {
       w.document.onsecuritypolicyviolation = t.unreached_func("Portal should load.");
       var portal = w.document.createElement("portal");
       portal.src = new URL("http://{{hosts[][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
       portal.onmessage = t.step_func_done();
       w.document.body.appendChild(portal);
     }
   }, "Tests that a portal can be loaded when the origin matches the frame-src CSP header.");
   async_test(function(t) {
     assert_implements("HTMLPortalElement" in self);
     var w = window.open(`resources/frame-src.sub.html?frame_src_policy=http://{{hosts[][www]}}:{{ports[http][0]}}`);
     w.onload = function() {
       var portal = w.document.createElement("portal");
       portal.src = new URL("http://{{hosts[alt][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
       w.document.onsecuritypolicyviolation = t.step_func(function(e) {
         w.document.onsecuritypolicyviolation = null;
         assert_equals("frame-src", e.violatedDirective);
         portal.src = new URL("http://{{hosts[][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
         portal.onmessage = t.step_func_done();
       });
       w.document.body.appendChild(portal);
     }
   }, "Tests that a portal will fail to load on an origin different than the one specified in the frame-src CSP, but that it can be loaded when the origin matches the frame-src CSP.");
 </script>
	<!doctype html>
	<title>Tests that portals respect the frame-src</title>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<body>
	</body>
	<script>
	async_test(function(t) {
	assert_implements("HTMLPortalElement" in self);
	var w = window.open("resources/frame-src.sub.html?frame_src_policy=%27none%27");
	w.onload = function() {
	w.document.addEventListener("securitypolicyviolation",
	t.step_func_done(function(e) {
	assert_equals("frame-src", e.violatedDirective);
	}));
	var portal = w.document.createElement("portal");
	portal.src = new URL("/portals/resources/simple-portal.html", location.href);
	portal.onmessage = t.unreached_func("Portal should not load.");
	w.document.body.appendChild(portal);
	}
	}, "Tests that a portal can't be loaded when it violates frame-src");

	async_test(function(t) {
	assert_implements("HTMLPortalElement" in self);
	var w = window.open(`resources/frame-src.sub.html?frame_src_policy=http://{{hosts[][www]}}:{{ports[http][0]}}`);
	w.onload = function() {
	w.document.onsecuritypolicyviolation = t.unreached_func("Portal should load.");
	var portal = w.document.createElement("portal");
	portal.src = new URL("http://{{hosts[][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
	portal.onmessage = t.step_func_done();
	w.document.body.appendChild(portal);
	}
	}, "Tests that a portal can be loaded when the origin matches the frame-src CSP header.");
	async_test(function(t) {
	assert_implements("HTMLPortalElement" in self);
	var w = window.open(`resources/frame-src.sub.html?frame_src_policy=http://{{hosts[][www]}}:{{ports[http][0]}}`);
	w.onload = function() {
	var portal = w.document.createElement("portal");
	portal.src = new URL("http://{{hosts[alt][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
	w.document.onsecuritypolicyviolation = t.step_func(function(e) {
	w.document.onsecuritypolicyviolation = null;
	assert_equals("frame-src", e.violatedDirective);
	portal.src = new URL("http://{{hosts[][www]}}:{{ports[http][0]}}/portals/resources/simple-portal.html", location.href);
	portal.onmessage = t.step_func_done();
	});
	w.document.body.appendChild(portal);
	}
	}, "Tests that a portal will fail to load on an origin different than the one specified in the frame-src CSP, but that it can be loaded when the origin matches the frame-src CSP.");
	</script>