| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta charset="utf-8"> |
| <title>Resource Timing - Error cases</title> |
| <meta http-equiv="Content-Security-Policy" content="img-src 'self'"> |
| <link rel="help" href="https://w3c.github.io/resource-timing/#resources-included"> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="resources/rt-utilities.sub.js"></script> |
| </head> |
| <body> |
| <h1>Resource Timing: Error cases</h1> |
| <div id="log"></div> |
| <script> |
| promise_test(function(t) { |
| let rejectedImageURL = crossOriginURL("csp-denied", "WebKit/resource-timing/resources/resource.png"); |
| let allowedImageURL = uniqueImageURL("csp-allowed"); |
| |
| let rejectedImg = document.body.appendChild(document.createElement("img")); |
| rejectedImg.src = rejectedImageURL; |
| |
| let allowedImg = document.body.appendChild(document.createElement("img")); |
| allowedImg.src = allowedImageURL; |
| |
| return observeResources(1).then(([entry]) => { |
| checkResourceTimingEntryType(entry, {name: allowedImageURL}); |
| }); |
| }, "Content-Security-Policy rejections do not create entries"); |
| |
| promise_test(function(t) { |
| let rejectedDataURL = crossOriginURL("cors-denied", "WebKit/resource-timing/resources/data.json"); |
| let allowedDataURL = crossOriginURL("cors-allowed", "WebKit/resource-timing/resources/data.json") + "&pipe=header(Access-Control-Allow-Origin,*)"; |
| |
| fetch(rejectedDataURL).catch(function(){}); |
| fetch(allowedDataURL); |
| |
| return observeResources(1).then(([entry]) => { |
| checkResourceTimingEntryType(entry, {name: allowedDataURL}); |
| }); |
| }, "CORS preflight failures do not create entries"); |
| |
| // FIXME: Mixed content? |
| </script> |
| </body> |
| </html> |
