File: preload-image-png-mislabeled-as-html-nosniff.tentative.sub.html

package info (click to toggle)
thunderbird 1%3A68.10.0-1~deb9u1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 2,754,812 kB
  • sloc: cpp: 5,411,679; javascript: 4,161,772; ansic: 2,639,702; python: 763,064; java: 346,606; xml: 266,623; asm: 265,884; sh: 117,270; lisp: 41,340; makefile: 23,560; perl: 18,042; objc: 5,277; yacc: 1,778; ada: 1,681; pascal: 1,673; lex: 1,417; cs: 879; exp: 527; awk: 495; php: 436; ruby: 221; sed: 69; csh: 27
file content (30 lines) | stat: -rw-r--r-- 1,150 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
<!DOCTYPE html>
<!-- This test verifies observable CORB impact on <link rel="preload"> elements.
-->
<meta charset="utf-8">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<div id=log></div>

<script>
async_test(function(t) {
  // With CORB the link.onerror event will be reached
  // (because CORB will block the cross-origin preload).
  window.preloadErrorEvent = t.step_func_done();

  // Without CORB the link.onload event will be reached.
  window.preloadLoadEvent = t.unreached_func("link/preload onload event reached.");
});
</script>

<!-- www1 is cross-origin, so the HTTP response is CORB-eligible

TODO(lukasza@chromium.org): Once https://crbug.com/888079 and
https://crbug.com/891872 are fixed, we should use a cross-*origin*
rather than cross-*site* URL below (e.g. s/hosts[alt]/domains/g).
See also https://crbug.com/918660 for more context.
-->
<link rel="preload" as="image"
      onerror="window.preloadErrorEvent()"
      onload="window.preloadLoadEvent()"
      href="http://{{hosts[alt][www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">