mirror of
https://github.com/classilla/tenfourfox.git
synced 2024-10-22 02:25:05 +00:00
44 lines
1.3 KiB
JavaScript
44 lines
1.3 KiB
JavaScript
/*
|
|
* The policy for this test is:
|
|
* Content-Security-Policy: default-src 'self'
|
|
*/
|
|
|
|
function createAllowedEvent() {
|
|
/*
|
|
* Creates a new EventSource using 'http://mochi.test:8888'. Since all mochitests run on
|
|
* 'http://mochi.test', a default-src of 'self' allows this request.
|
|
*/
|
|
var src_event = new EventSource("http://mochi.test:8888/tests/dom/security/test/csp/file_bug802872.sjs");
|
|
|
|
src_event.onmessage = function(e) {
|
|
src_event.close();
|
|
parent.dispatchEvent(new Event('allowedEventSrcCallbackOK'));
|
|
}
|
|
|
|
src_event.onerror = function(e) {
|
|
src_event.close();
|
|
parent.dispatchEvent(new Event('allowedEventSrcCallbackFailed'));
|
|
}
|
|
}
|
|
|
|
function createBlockedEvent() {
|
|
/*
|
|
* creates a new EventSource using 'http://example.com'. This domain is not whitelisted by the
|
|
* CSP of this page, therefore the CSP blocks this request.
|
|
*/
|
|
var src_event = new EventSource("http://example.com/tests/dom/security/test/csp/file_bug802872.sjs");
|
|
|
|
src_event.onmessage = function(e) {
|
|
src_event.close();
|
|
parent.dispatchEvent(new Event('blockedEventSrcCallbackOK'));
|
|
}
|
|
|
|
src_event.onerror = function(e) {
|
|
src_event.close();
|
|
parent.dispatchEvent(new Event('blockedEventSrcCallbackFailed'));
|
|
}
|
|
}
|
|
|
|
addLoadEvent(createAllowedEvent);
|
|
addLoadEvent(createBlockedEvent);
|