mirror of
https://github.com/servo/servo.git
synced 2025-07-03 21:43:41 +01:00
20 lines
754 B
HTML
20 lines
754 B
HTML
<!DOCTYPE HTML>
|
|
<html>
|
|
<head>
|
|
<title>Window.open should not open javascript url if not allowed.</title>
|
|
<meta http-equiv="Content-Security-Policy" content="script-src 'nonce-abc';">
|
|
<script nonce='abc' src='/resources/testharness.js'></script>
|
|
<script nonce='abc' src='/resources/testharnessreport.js'></script>
|
|
</head>
|
|
<body>
|
|
<script nonce='abc'>
|
|
var t = async_test("Check that a securitypolicyviolation event is fired");
|
|
window.addEventListener('securitypolicyviolation', t.step_func_done(function(e) {
|
|
assert_equals(e.blockedURI, "inline");
|
|
assert_equals(e.violatedDirective, "script-src");
|
|
}));
|
|
|
|
window.open('javascript:test(function() { assert_unreached("FAIL")});', 'new');
|
|
</script>
|
|
</body>
|
|
</html>
|