| <!DOCTYPE html> |
| <html> |
| <head> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| </head> |
| <body> |
| <script> |
| function runWorkerTest(type, policy, expectation) { |
| policy = encodeURIComponent(policy); |
| if (expectation.none) { |
| var worker = new Worker("./resources/worker-testharness.php?csp=" + policy + "&type=" + type + "&expectation=none"); |
| async_test(function (t) { |
| worker.onmessage = t.step_func_done(function (e) { |
| assert_equals(e.data.state, expectation.none); |
| }); |
| }, type + " " + expectation.none + " for '" + policy + "'"); |
| } else { |
| var worker = new Worker("./resources/worker-testharness.php?csp=" + policy + "&type=" + type + "&expectation=" + expectation); |
| fetch_tests_from_worker(worker); |
| } |
| } |
| |
| // The policy delivered with the worker does not affect the worker context. |
| runWorkerTest("eval", "script-src 'none'", { "none": "allowed" }); |
| runWorkerTest("eval", "default-src 'none'", { "none": "allowed" }); |
| runWorkerTest("eval", "script-src 'self'", "allowed"); |
| runWorkerTest("eval", "default-src 'self'", "allowed"); |
| runWorkerTest("eval", "script-src 'self' 'unsafe-eval'", "allowed"); |
| runWorkerTest("eval", "default-src 'self' 'unsafe-eval'", "allowed"); |
| </script> |
| </body> |
| </html> |