chromium/third_party/blink/web_tests/fast/loader/javascript-url-hierarchical-execution.html

<!doctype html>
<html>
<script>
if (window.testRunner) {
    testRunner.dumpAsText();
    testRunner.setCustomPolicyDelegate(true, true);
}

function runTest()
{
    var e = document.createEvent("MouseEvents");
    e.initEvent("click", true, false);
    document.getElementById("clickTest").dispatchEvent(e);
}
</script>
<body onload="runTest();">
This tests to see what Chromium does with invalid javascript urls of the form "javascript://".<br>
These should be detected as hierarchical, but invalid urls if the host part includes spaces.<br>
JavaScript execution nor navigation should not happen and you should remain at this page.<br>
On the other hand, if the contents after "javascript:" are considered valid javascript code, a comment, that may be executed and you should remain at this page too.<br>
See wpt/url/javascript-urls.window.js, which tests whether javascript code is executed or not.<br>
If you click the link below and Chromium tries to navigate - probably to an error page - then the test failed.<br>
In DumpRenderTree, if the custom policy delegate indicates that a load was attempted, then the test failed.<br><br>
<a id="clickTest" href="javascript://Spaceballs: The Comment!">Click me to test</a>
</body>
</html>