Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/dangling-markup/link-prefetch.html 

<!DOCTYPE html>
<head>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
  if (window.internals) {
    internals.settings.setLogDnsPrefetchAndPreconnect(true);
  }
  console.error("This test relies on dumping data via `window.internals`.");
</script>

<!-- PRECONNECT -->
<link rel="preconnect" href="//1.should.preconnect.test">
<link rel="preconnect" href="//2.should.preco
nnect.test">
<link rel="preconnect" href="//3.should.not.preco
nnect.test<">

<!-- DNS-PREFETCH -->
<link rel="dns-prefetch" href="//1.should.dns-prefetch.test">
<link rel="dns-prefetch" href="//2.should.dns-
prefetch.test">
<link rel="dns-prefetch" href="//3.should.not.dns-
prefetch.test<">

</head>
<body>
<script>
  function readableURL(url) {
    return url.replace(/\n/g, "\\n").replace(/\r/g, "\\r").replace(/\t/g, "\\t");
  }

  var should_load = [
    `/resources/square.png?1`,
    `/resources/squ\nare.png?2`,
    `/resources/squ\tare.png?3`,
    `/resources/squ\rare.png?4`,
    `/resources/square.png?img=<&amp;5`,
    `/resources/square.png?img=&lt;&amp;6`,
    `/resources/square.png?img=%3C&amp;7`,
    `/resources/squ\nare.png?img=%3C&amp;8`,
    `/resources/squ\rare.png?img=%3C&amp;9`,
    `/resources/squ\tare.png?img=%3C&amp;10`,
    `/resources/square.png?img=&#10;&amp;11`,
    `/resources/squ\nare.png?img=&#10;&amp;12`,
    `/resources/squ\rare.png?img=&#10;&amp;13`,
    `/resources/squ\tare.png?img=&#10;&amp;14`,
  ];
  should_load.forEach(url => async_test(t => {
    var link = document.createElement('link');
    link.rel = "prefetch";
    link.href = url;
    link.onload = t.step_func_done();
    link.onerror = t.unreached_func("Prefetch should not fail.");
    document.body.appendChild(link);
  }, "Prefetch: " + readableURL(url)));

  var should_block = [
    `/resources/squ\nare.png?block=<`,
    `/resources/squ\rare.png?block=<`,
    `/resources/squ\tare.png?block=<`,
    `/resources/square.png?<\n=block`,
    `/resources/square.png?<\r=block`,
    `/resources/square.png?<\t=block`,
  ];
  should_block.forEach(url => async_test(t => {
    var link = document.createElement('link');
    link.rel = "prefetch";
    link.href = url;
    link.onload = t.unreached_func("Prefetch should fail.");
    document.body.appendChild(link);

    // We verify above that `load` doesn't fire, but `error` doesn't fire
    // either. Ugh. Timeout after a bit, and check the resourcetiming entries.
    setTimeout(t.step_func_done(_ => {
      assert_equals(performance.getEntriesByName(url).length, 0);
    }), 1000);
  }, "Prefetch: " + readableURL(url)));
</script>