File: preload-dynamic-csp.html

package info (click to toggle)

thunderbird 1%3A140.5.0esr-1~deb12u1

links: PTS, VCS
area: main
in suites: bookworm-proposed-updates
size: 4,609,180 kB
sloc: cpp: 7,672,739; javascript: 5,901,898; ansic: 3,898,899; python: 1,413,347; xml: 653,997; asm: 462,284; java: 180,927; sh: 113,491; makefile: 20,463; perl: 14,288; objc: 13,059; yacc: 4,583; pascal: 3,352; lex: 1,720; ruby: 1,222; exp: 762; sql: 715; awk: 580; php: 436; lisp: 430; sed: 70; csh: 10

file content (27 lines) | stat: -rw-r--r-- 1,153 bytes

parent folder | download | duplicates (18)

<!DOCTYPE html>
<title>Makes sure that preload requests respect CSP directives that are added after the preload</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/preload/resources/preload_helper.js"></script>
<link id="preload" rel=preload href="resources/square.png" as=image>
<body>
<script>
    setup({single_test: true});

    const preload = document.querySelector("#preload");
    preload.addEventListener("load", async () => {
        const meta = document.createElement("meta");
        meta.httpEquiv = "Content-Security-Policy";
        meta.content = "img-src 'none'";
        document.head.appendChild(meta);
        const img = document.createElement("img");
        img.src = preload.href;
        document.body.appendChild(img);
        const load = new Promise(resolve => img.addEventListener("load", () => resolve('load')));
        const error = new Promise(resolve => img.addEventListener("error", () => resolve('error')));
        const result = await Promise.any([load, error]);
        assert_equals(result, "error");
        done();
    });
</script>