| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="img-src *"> |
| </head> |
| <script> |
| if (window.testRunner) |
| testRunner.waitUntilDone(); |
| |
| var fileInput; |
| |
| function testFinished() |
| { |
| if (window.testRunner) |
| testRunner.notifyDone(); |
| } |
| |
| function loadImage(event) |
| { |
| var image = document.createElement("img"); |
| image.height = "128"; |
| image.width = "128"; |
| image.alt = "PASS"; |
| image.onload = testFinished; |
| image.onerror = testFinished; |
| image.src = window.URL.createObjectURL(event.target.files[0]); |
| |
| document.body.removeChild(fileInput); |
| document.body.appendChild(image); |
| } |
| |
| function runTest() |
| { |
| if (!window.eventSender) |
| return; |
| |
| var x = fileInput.offsetLeft + fileInput.offsetWidth / 2; |
| var y = fileInput.offsetTop + fileInput.offsetHeight / 2; |
| |
| eventSender.beginDragWithFiles(["../../fast/dom/resources/abe.png"]); |
| eventSender.mouseMoveTo(x, y); |
| eventSender.mouseUp(); |
| } |
| |
| window.onload = function () |
| { |
| fileInput = document.getElementById("file"); |
| fileInput.onchange = loadImage; |
| runTest(); |
| } |
| </script> |
| <body> |
| <p>This tests that loading image with a blob URL is blocked when the page has Content Security Policy "image-src *". To run this test by hand, select an image file. This test PASSED if you see the word PASS below. Otherwise, it FAILED.</p> |
| <input type="file" id="file" accept="image/*"> |
| </body> |
| </html> |
