Bug
1700080 [wpt PR 28169] - CSP: Improve WPTs inside workers, a=testonly
Automatic update from web-platform-tests
CSP: Improve WPTs inside workers
This change improves Web Platform Tests for Content Security Policy
inside shared workers, by:
1) Fixing a test with CSP: connect-src 'self' that could not fail
because of CORS requests being blocked independently of CSP.
2) Adding assertions that we raise securitypolicyviolation events for
CSP violations.
3) Adding a test for Content Security Policies in report-only mode.
While testing this, I noticed that debug versions of chrome would
crash when checking the disposition of a securitypolicyviolation event
from a Worker. This because of the thread-safety DCHECKs of
WTF::String. For addressing this, I needed to create new global static
strings "enforce" and "report".
Change-Id: I9c91b1a60eac82279dd74e8bb640dde2ada9cf6e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/
2775564
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
Cr-Commit-Position: refs/heads/master@{#870899}
--
wpt-commits:
947481c1173a4d86a0d4064d4d698f9cd69beb85
wpt-pr: 28169