chromium/src/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/cascade/same-origin-with-own-policy.html

<!DOCTYPE html>
<html>
<head>
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="/security/contentSecurityPolicy/resources/cascade-helper.js"></script>
  <meta http-equiv="content-security-policy" content="img-src http://127.0.0.1:8000 http://example.test:8000">
</head>
<body>
<script>
  // The filesystem test takes some nesting to setup:
  setup({explicit_done: true});

  async_test(t => {
    assert_allowed_image_in_document(t, document, "http://127.0.0.1:8000/resources/square.png?top-level");
    assert_allowed_image_in_document(t, document, "http://example.test:8000/resources/square.png?top-level");
  }, "Policy applied in top-level.");

  async_test(t => {
    var frame = document.createElement("iframe");
    frame.onload = _ => {
      frame.contentDocument.head.innerHTML = "<meta http-equiv='content-security-policy' content='img-src http://127.0.0.1:8000'>";
      assert_allowed_image_in_document(t, frame.contentDocument, "http://127.0.0.1:8000/resources/square.png?blank-frame");
      assert_blocked_image_in_document(t, frame.contentDocument, "http://example.test:8000/resources/square.png?blank-frame");
    };
    document.body.appendChild(frame);
  }, "Image loaded via about:blank frame blocked.");

  async_test(t => {
    var frame = document.createElement("iframe");
    frame.setAttribute("srcdoc", "");
    frame.onload = _ => {
      frame.contentDocument.head.innerHTML = "<meta http-equiv='content-security-policy' content='img-src http://127.0.0.1:8000'>";
      assert_allowed_image_in_document(t, frame.contentDocument, "http://127.0.0.1:8000/resources/square.png?blank-frame");
      assert_blocked_image_in_document(t, frame.contentDocument, "http://example.test:8000/resources/square.png?blank-frame");
    };
    document.body.appendChild(frame);
  }, "Image loaded via srcdoc frame blocked.");

  async_test(t => {
    var b = new Blob([], {type: "text/html"});

    var frame = document.createElement("iframe");
    frame.src = URL.createObjectURL(b);
    frame.onload = _ => {
      frame.contentDocument.head.innerHTML = "<meta http-equiv='content-security-policy' content='img-src http://127.0.0.1:8000'>";
      assert_allowed_image_in_document(t, frame.contentDocument, "http://127.0.0.1:8000/resources/square.png?blob-frame");
      assert_blocked_image_in_document(t, frame.contentDocument, "http://example.test:8000/resources/square.png?blob-frame");
    };
    document.body.appendChild(frame);
  }, "Image loaded via 'blob:' frame blocked.");

  async_test(t => {
    window.webkitRequestFileSystem(window.TEMPORARY, 1024*1024, fs => {
      fs.root.getFile('worker.js', { create: true }, entry => {
        entry.createWriter(w => {
          w.onwriteend = _ => {
            var u = entry.toURL();

            var frame = document.createElement("iframe");
            frame.src = URL.createObjectURL(b);
            frame.onload = _ => {
              frame.contentDocument.head.innerHTML = "<meta http-equiv='content-security-policy' content='img-src http://127.0.0.1:8000'>";
              assert_allowed_image_in_document(t, frame.contentDocument, "http://127.0.0.1:8000/resources/square.png?filesystem-frame");
              assert_blocked_image_in_document(t, frame.contentDocument, "http://example.test:8000/resources/square.png?filesystem-frame");
            };
            document.body.appendChild(frame);

            // explicit_done: yay.
            done();
          };
          w.onerror = t.unreached_func();

          var b = new Blob([], {type: "text/html"});
          w.write(b);
        });
      });
    });
  }, "Image loaded via 'filesystem:' frame blocked.");
</script>
</body>
</html>