| <!DOCTYPE html> |
| <head> |
| <meta charset="utf-8"> |
| <script src="/common/utils.js"></script> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="resources/early-hints-helpers.sub.js"></script> |
| </head> |
| <body> |
| <script> |
| promise_test(async (t) => { |
| const iframe = document.createElement("iframe"); |
| |
| const resource_url = CROSS_ORIGIN_RESOURCES_URL + "/empty.js?" + token(); |
| const params = new URLSearchParams(); |
| params.set("resource-url", resource_url); |
| params.set("token", token()); |
| const iframe_url = CROSS_ORIGIN_RESOURCES_URL + "/html-with-early-hints.h2.py?" + params.toString(); |
| |
| iframe.src = iframe_url; |
| document.body.appendChild(iframe); |
| // Make sure the iframe didn't load. See https://github.com/whatwg/html/issues/125 for why a |
| // timeout is used here. Long term all network error handling should be similar and have a |
| // reliable event. |
| assert_equals(iframe.contentDocument.body.localName, "body"); |
| await t.step_wait(() => iframe.contentDocument === null); |
| |
| // Fetch the hinted resource and make sure it's not preloaded. |
| await fetchScript(resource_url); |
| const entries = performance.getEntriesByName(resource_url); |
| assert_equals(entries.length, 1); |
| assert_not_equals(entries[0].transferSize, 0); |
| }, "Early hints for an iframe that violates Cross-Origin-Embedder-Policy should be ignored."); |
| </script> |
| </body> |
