Skip to main content

Browse the archive

https://github.com/web-platform-tests/wpt
26 December 2018, 22:31:15 UTC
Raw File
Tip revision: 4fa850e7a10c5a1d1ee610dd9f61fa190396d929 authored by pyup-bot on 12 April 2018, 19:55:24 UTC
Update mozprofile from 0.29 to 1.0.0
Tip revision: 4fa850e
block-string-assignment-to-script-src.tentative.html 
<!DOCTYPE html>
<html>
<head>
  <script src="/resources/testharness.js"></script>
  <script src="/resources/testharnessreport.js"></script>
  <script src="./support/helper.js"></script>

  <meta http-equiv="Content-Security-Policy" content="require-trusted-types">
</head>
<body>
<script>
  // String assignments throw.
  test(t => {
    var s = document.createElement('script');
    assert_throws(new TypeError(), _ => {
      s.src = URLS.safe;
    });
    assert_equals('', s.src);
  }, "'string'");

  // TrustedURL assignments throw.
  test(t => {
    var url = TrustedURL.unsafelyCreate(URLS.safe);

    var s = document.createElement('script');
    assert_throws(new TypeError(), _ => {
      s.src = url;
    });
    assert_equals('', s.src);
  }, "TrustedURL(safe)");

  // TrustedScriptURL assignments work.
  test(t => {
    var url = TrustedScriptURL.unsafelyCreate(URLS.safe);

    var s = document.createElement('script');
    s.src = url;
    assert_equals(url + '', s.src);
  }, "TrustedScriptURL(safe)");

  test(t => {
    var url = TrustedScriptURL.unsafelyCreate(URLS.javascript);

    var s = document.createElement('script');
    s.src = url;
    assert_equals(url + '', s.src);
  }, "TrustedScriptURL(javascript)");

  test(t => {
    var url = TrustedScriptURL.unsafelyCreate(URLS.external);

    var s = document.createElement('script');
    s.src = url;
    assert_equals(url + '', s.src);
  }, "TrustedScriptURL(external)");
</script>
back to top