Google Git
Sign in
chromium / chromium / src / 41e21987fa2803688abdc4700cc577a148ab4e9a / . / third_party / WebKit / LayoutTests / http / tests / security / contentSecurityPolicy / 1.1 / form-action-blocked-when-target-blank.html
blob: 09103f5b1998e37db283dc7e0ddd65e98cab7ef4 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="form-action 'none'">
<script>
if (window.testRunner) {
testRunner.dumpAsText();
testRunner.waitUntilDone();
testRunner.clearBackForwardList();
testRunner.dumpBackForwardList();
}
window.addEventListener('load', function() {
document.getElementById('theform').addEventListener('submit', function(e) {
console.log('submit event fired.');
});
setTimeout(function() {
document.getElementById('submit').click();
}, 0);
});
document.addEventListener('securitypolicyviolation', function(e) {
console.log('securitypolicyviolation event fired.');
console.log('securitypolicyviolation_event.documentURI=' + e.documentURI);
console.log('securitypolicyviolation_event.blockedURI=' + e.blockedURI);
console.log('securitypolicyviolation_event.violatedDirective=' + e.violatedDirective);
setTimeout(function() {
testRunner.notifyDone();
}, 0);
});
</script>
</head>
<body>
<form action='/navigation/resources/form-target.pl' id='theform'
method='post' target="_blank">
<input type='text' name='fieldname' value='fieldvalue'>
<input type='submit' id='submit' value='submit'>
</form>
<p>Tests that blocking form actions works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.</p>
</body>
</html>