| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="form-action 'none'"> |
| <script> |
| if (window.testRunner) { |
| testRunner.dumpAsText(); |
| testRunner.waitUntilDone(); |
| testRunner.clearBackForwardList(); |
| testRunner.dumpBackForwardList(); |
| } |
| |
| window.addEventListener('load', function() { |
| document.getElementById('theform').addEventListener('submit', function(e) { |
| console.log('submit event fired.'); |
| }); |
| |
| setTimeout(function() { |
| document.getElementById('submit').click(); |
| }, 0); |
| }); |
| |
| document.addEventListener('securitypolicyviolation', function(e) { |
| console.log('securitypolicyviolation event fired.'); |
| console.log('securitypolicyviolation_event.documentURI=' + e.documentURI); |
| console.log('securitypolicyviolation_event.blockedURI=' + e.blockedURI); |
| console.log('securitypolicyviolation_event.violatedDirective=' + e.violatedDirective); |
| setTimeout(function() { |
| testRunner.notifyDone(); |
| }, 0); |
| }); |
| </script> |
| </head> |
| <body> |
| <form action='/navigation/resources/form-target.pl' id='theform' |
| method='post' target="_blank"> |
| <input type='text' name='fieldname' value='fieldvalue'> |
| <input type='submit' id='submit' value='submit'> |
| </form> |
| |
| <p>Tests that blocking form actions works correctly. If this test passes, you will see a console error, and will not see a page indicating a form was POSTed.</p> |
| </body> |
| </html> |