| <!DOCTYPE html> |
| <!-- |
| Copyright 2022 The Cobalt Authors. All Rights Reserved. |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <head> |
| <title>Verify that XHR on workers correctly follows CSP</title> |
| <script src='black_box_js_test_utils.js'></script> |
| </head> |
| |
| <body> |
| <script> |
| var worker; |
| var window_onerror_count = 0; |
| window.onerror = (message, filename, lineno, colno, error) => { |
| ++window_onerror_count; |
| // Note: Worker execution errors currently don't pass line or column |
| // number in the error message. |
| assertIncludes('SecurityError', message); |
| assertIncludes('worker_csp_test.js', filename); |
| assertEqual(1, window_onerror_count); |
| window.setTimeout( |
| () => { |
| worker.terminate(); |
| onEndTest(); |
| }, 250); |
| } |
| |
| // This worker attempts to do an XHR request that is blocked by CSP. |
| worker = new Worker('worker_csp_test.js'); |
| worker.onmessage = function (event) { |
| notReached(); |
| }; |
| worker.onerror = function (event) { |
| // Note: The Worker's onerror handler (incorrectly) isn't called. |
| notReached(); |
| }; |
| |
| </script> |
| </body> |