| blob | eafb6b5d83598059b1b5385870e1d1cb47dbb3c9 |
2 <html>
3 <head>
7 </head>
8 <body>
15 SimpleTest.waitForExplicitFinish();
16 const NUM_TESTS = 3;
18 var testCounter = 0;
19 function checkFinish() {
20 testCounter++;
21 if (testCounter === NUM_TESTS) {
22 SimpleTest.finish();
23 }
24 }
26 // --- test regular scripts
27 let testScriptRedirectToData = document.getElementById("testScriptRedirectToData");
28 testScriptRedirectToData.onerror = function() {
29 ok(true, "script that redirects to data: URI should not load");
30 checkFinish();
31 }
32 testScriptRedirectToData.onload = function() {
33 ok(false, "script that redirects to data: URI should not load");
34 checkFinish();
35 }
36 testScriptRedirectToData.src = "file_block_subresource_redir_to_data.sjs?script";
38 // --- test workers
39 let worker = new Worker("file_block_subresource_redir_to_data.sjs?worker");
40 worker.onerror = function() {
41 // please note that workers need to be same origin, hence the data: URI
42 // redirect is blocked by worker code and not the content security manager!
43 ok(true, "worker script that redirects to data: URI should not load");
44 checkFinish();
45 }
46 worker.onmessage = function() {
47 ok(false, "worker script that redirects to data: URI should not load");
48 checkFinish();
49 };
50 worker.postMessage("dummy");
52 // --- test script modules
53 SpecialPowers.pushPrefEnv({set: [["dom.moduleScripts.enabled", true]]}, function() {
54 let testModuleScriptRedirectToData = document.getElementById("testModuleScriptRedirectToData");
55 testModuleScriptRedirectToData.onerror = function() {
56 ok(true, "module script that redirects to data: URI should not load");
57 checkFinish();
58 }
59 testModuleScriptRedirectToData.onload = function() {
60 ok(false, "module script that redirects to data: URI should not load");
61 checkFinish();
62 }
63 testModuleScriptRedirectToData.src = "file_block_subresource_redir_to_data.sjs?modulescript";
64 });
66 </script>
67 </body>
68 </html>