| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <meta http-equiv="Content-Security-Policy" content="child-src 'self'; connect-src 'none'"> |
| </head> |
| <body> |
| <script> |
| var t = async_test("worker redirects to location disallowed by connect-src"); |
| var worker = new Worker("/security/resources/redir.php?url=" + encodeURIComponent("http://127.0.0.1:8000/security/contentSecurityPolicy/resources/worker-postmessage.js")); |
| worker.addEventListener("message", function () { |
| t.done(); |
| }); |
| worker.postMessage("go"); |
| </script> |
| </body> |
| </html> |