| <script src="../resources/testharness.js"></script> |
| <script src="../resources/testharnessreport.js"></script> |
| <script> |
| test(function () { |
| testRunner.addOriginAccessAllowListEntry(location.origin, location.protocol, '', false); |
| }, 'testRunner.addOriginAccessAllowListEntry is required for this test'); |
| |
| test(function () { |
| // http://username@password:localhost:8000/... should be blocked. |
| var otherOrigin = new URL(document.URL); |
| otherOrigin.port = otherOrigin.port ? otherOrigin.port ^ 0xFFFF : 1337; |
| otherOrigin = otherOrigin.href; |
| |
| assert_throws_dom('SecurityError', function () { |
| history.pushState(null, null, otherOrigin); |
| }); |
| }, 'pushState to origin with different port should fail with SecurityError (even with whitelisted origins)'); |
| </script> |