blob: 24eeeff374e2f70669143fb354f390713deb1462 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="img-src *">
</head>
<script>
if (window.testRunner)
testRunner.waitUntilDone();
var fileInput;
function testFinished()
{
if (window.testRunner)
testRunner.notifyDone();
}
function loadImage(event)
{
var image = document.createElement("img");
image.height = "128";
image.width = "128";
image.alt = "PASS";
image.onload = testFinished;
image.onerror = testFinished;
image.src = window.URL.createObjectURL(event.target.files[0]);
document.body.removeChild(fileInput);
document.body.appendChild(image);
}
function runTest()
{
if (!window.eventSender)
return;
var x = fileInput.offsetLeft + fileInput.offsetWidth / 2;
var y = fileInput.offsetTop + fileInput.offsetHeight / 2;
eventSender.beginDragWithFiles(["../../fast/dom/resources/abe.png"]);
eventSender.mouseMoveTo(x, y);
eventSender.mouseUp();
}
window.onload = function ()
{
fileInput = document.getElementById("file");
fileInput.onchange = loadImage;
runTest();
}
</script>
<body>
<p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy &quot;image-src *&quot;. To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p>
<input type="file" id="file" accept="image/*">
</body>
</html>