| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'unsafe-inline'"> |
| <script> |
| if (window.testRunner) { |
| testRunner.dumpAsText(); |
| testRunner.waitUntilDone(); |
| testRunner.clearBackForwardList(); |
| testRunner.dumpBackForwardList(); |
| } |
| window.addEventListener('load', function() { |
| setTimeout(function() { |
| document.getElementById('submit').click(); |
| }, 0); |
| }); |
| </script> |
| </head> |
| <body> |
| <form |
| action="/resources/redirection-response.php?status=302&target=/navigation/resources/form-target.pl" |
| id='theform' |
| method='post'> |
| <input type='text' name='fieldname' value='fieldvalue'> |
| <input type='submit' id='submit' value='submit'> |
| </form> |
| |
| <p> |
| Tests that 'form-action' doesn't fallback on 'default-src', even when |
| there is a redirect. If this test passes, you will see a page indicating |
| a form was POSTed. |
| </p> |
| </body> |
| </html> |
