Make about:srcdoc to inherit PolicyContainer from history.

This correspond to HTML PR: whatwg/html#8057 We should wait for the HTML PR to be merged before reflecting this into the test. This makes the test to pass on Chrome and Firefox, who both restore PolicyContainer from history. Bug:1329190 Change-Id: Ib9dfd5a592295cbabb5dffbb690e430c350161ce
web-platform-tests · Jun 30, 2022 · 9f14565 · 9f14565
1 parent f1c5bcd
commit 9f14565
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html b/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html
@@ -39,17 +39,17 @@ <h1>This is a dummy page that should not store the inherited policy
   const img = iframe.contentDocument.createElement('img');
 
   const promise = new Promise((resolve, reject) => {
-    iframe.contentDocument.onsecuritypolicyviolation = resolve;
+    img.onload = resolve;
     // First the security policy violation should be reported, which will finish
     // this test. If for some reason the error event is fired without the
     // violation being reported, something else went wrong—fail the test.
     img.error = e => {
       reject(new Error("The srcdoc iframe's img failed to load but not due to " +
                        "a CSP violation"));
     };
-    img.onload = e => {
-      reject(new Error("The srcdoc iframe's img loaded correctly, bypassing " +
-                       "the parent's update CSP"));
+    iframe.contentDocument.onsecuritypolicyviolation = e => {
+      reject(new Error("The srcdoc iframe's img has been blocked by the " +
+        "new CSP. It means it was different and wasn't restored from history"));
     };
   });
   // The srcdoc iframe tries to load an image, and should generate a security