Source code

Revision control

Other Tools

1
<!DOCTYPE html>
2
<html>
3
4
<head>
5
<!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
6
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'self' 'unsafe-inline'; connect-src 'self'; style-src 'self'; frame-src 'self';">
7
<title>form-action-src-default-ignored</title>
8
<script src="/resources/testharness.js"></script>
9
<script src="/resources/testharnessreport.js"></script>
10
<script src='../support/logTest.sub.js?logs=["PASS","TEST COMPLETE"]'></script>
11
<script src="../support/alertAssert.sub.js?alerts=[]"></script>
12
<script>
13
window.addEventListener('securitypolicyviolation', function(e) {
14
log('Fail');
15
});
16
window.addEventListener("message", function(event) {
17
log(event.data);
18
}, false);
19
window.addEventListener('load', function() {
20
setTimeout(function() {
21
document.getElementById('submit').click();
22
log("TEST COMPLETE");
23
}, 0);
24
});
25
26
</script>
27
</head>
28
29
<body>
30
<iframe name="test_target" id="test_iframe"></iframe>
31
32
<form action="/common/redirect.py?location=/content-security-policy/support/postmessage-pass.html" id="theform" method="post" target="test_target">
33
<input type="text" name="fieldname" value="fieldvalue">
34
<input type="submit" id="submit" value="submit">
35
</form>
36
<p>Tests that default-src does not cascade to form-action.</p>
37
<div id="log"></div>
38
</body>
39
40
</html>