chromium/src/third_party/blink/web_tests/http/tests/navigation/pushstate-whitelisted-denied.html - manifest_repos/chromium_src - Git at Google

 <script src="../resources/testharness.js"></script>
 <script src="../resources/testharnessreport.js"></script>
 <script>
 test(function () {
     testRunner.addOriginAccessAllowListEntry(location.origin, location.protocol, '', false);
 }, 'testRunner.addOriginAccessAllowListEntry is required for this test');

 test(function () {
     // http://username@password:localhost:8000/... should be blocked.
     var otherOrigin = new URL(document.URL);
     otherOrigin.port = otherOrigin.port ? otherOrigin.port ^ 0xFFFF : 1337;
     otherOrigin = otherOrigin.href;

     assert_throws_dom('SecurityError', function () {
         history.pushState(null, null, otherOrigin);
     });
 }, 'pushState to origin with different port should fail with SecurityError (even with whitelisted origins)');
 </script>
	<script src="../resources/testharness.js"></script>
	<script src="../resources/testharnessreport.js"></script>
	<script>
	test(function () {
	testRunner.addOriginAccessAllowListEntry(location.origin, location.protocol, '', false);
	}, 'testRunner.addOriginAccessAllowListEntry is required for this test');

	test(function () {
	// http://username@password:localhost:8000/... should be blocked.
	var otherOrigin = new URL(document.URL);
	otherOrigin.port = otherOrigin.port ? otherOrigin.port ^ 0xFFFF : 1337;
	otherOrigin = otherOrigin.href;

	assert_throws_dom('SecurityError', function () {
	history.pushState(null, null, otherOrigin);
	});
	}, 'pushState to origin with different port should fail with SecurityError (even with whitelisted origins)');
	</script>