<!DOCTYPE html>
<html>
<head>
<title>import-style-disallowed</title>
<meta
http-equiv="Content-Security-Policy"
content="style-src 'unsafe-inline'; script-src 'self' 'unsafe-inline'; connect-src 'self';"
/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
</head>
<body>
<body>
<script>
promise_test((t) => {
let check_spv = new Promise((resolve, reject) => {
window.addEventListener("securitypolicyviolation", (e) => {
if (e.blockedURI.endsWith("blocked.css")) {
resolve();
}
});
});
return Promise.all([
promise_rejects_js(t, TypeError, import("./resources/blocked.css", { with: { type: "css" } })),
check_spv,
]);
});
</script>
</body>
</body>
</html>
Codebase Browser
chromium