Update web-platform-tests to revision 6a2f0e6a0110fd0830fc3196680f671bb83c2747

2025-08-06 14:10:11 +01:00 · 2020-04-28 08:20:10 +00:00 · 2020-04-28 08:20:10 +00:00 · 94f517b8d8
commit 94f517b8d8
parent c9909643a2
230 changed files with 5362 additions and 1028 deletions
--- a/tests/wpt/web-platform-tests/content-security-policy/inheritance/frame-src-javascript-url.html
+++ b/tests/wpt/web-platform-tests/content-security-policy/inheritance/frame-src-javascript-url.html
@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<meta http-equiv="Content-Security-Policy" content="frame-src 'none'">
+
+<script>
+  const iframe_url = new URL("./support/empty.html", location.href);
+
+  // Regression test for: https://crbug.com/1064676
+  promise_test(async (t) => {
+    await new Promise(r => window.onload = r);
+
+    let url = `javascript:
+
+      window.addEventListener('securitypolicyviolation', e => {
+        parent.postMessage({
+          originalPolicy: e.originalPolicy,
+          blockedURI: e.blockedURI,
+        });
+      });
+
+      let iframe = document.createElement('iframe');
+      iframe.src = '${iframe_url}';
+      document.body.appendChild(iframe);
+
+    `;
+
+    let iframe = document.createElement('iframe');
+    iframe.src = encodeURI(url.replace(/\n/g, ""));
+
+    let violation = new Promise(r => window.addEventListener("message", r));
+    document.body.appendChild(iframe);
+    let {data} = await violation;
+
+    assert_equals(data.originalPolicy, "frame-src 'none'");
+    assert_equals(data.blockedURI, iframe_url.toString());
+
+  }, "<iframe src='javascript:...'>'s inherits policy (dynamically inserted <iframe> is blocked)");
+
+</script>