Add WPT for CSP with trailing dot in hostname

This CL adds a generic WPT test to make sure hosts with trailing dots can be defined in CSP. The CL targets connect-src directive as a proof of concept. More tests can be added for other directives later on. Bug: 1512075 Change-Id: Ia3d8ec4c4b6594d46ff6c65ff8275bfd6bdd70fb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5185382 Reviewed-by: Antonio Sartori <antoniosartori@chromium.org> Commit-Queue: Saeid Eid <saeideid@chromium.org> Reviewed-by: Jonathan Hao <phao@chromium.org> Cr-Commit-Position: refs/heads/main@{#1246451}
web-platform-tests · Jan 12, 2024 · c48d657 · c48d657
1 parent 1299813
commit c48d657
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 0 deletions.
diff --git a/content-security-policy/generic/src-trailing-dot.sub.any.js b/content-security-policy/generic/src-trailing-dot.sub.any.js
@@ -0,0 +1,6 @@
+// META: global=window,worker
+
+promise_test(t => {
+    return fetch("{{location[scheme]}}://{{host}}.:{{location[port]}}"
+        + "/content-security-policy/support/resource.py");
+}, "Fetch from host with trailing dot should be allowed by CSP.");
diff --git a/content-security-policy/generic/src-trailing-dot.sub.any.js.sub.headers b/content-security-policy/generic/src-trailing-dot.sub.any.js.sub.headers
@@ -0,0 +1 @@
+Content-Security-Policy: connect-src {{location[scheme]}}://{{host}}.:{{location[port]}}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Content-Security-Policy: connect-src {{location[scheme]}}://{{host}}.:{{location[port]}}