| <p>Test that a script element with a crossorigin attribute does not load a cross-origin script when the resource sharing check fails on the response.</p> |
| <pre></pre> |
| <script> |
| if (window.testRunner) { |
| testRunner.dumpAsText(); |
| testRunner.waitUntilDone(); |
| } |
| |
| var result = "PASS"; |
| |
| function must_not_fire() { |
| result = "FAIL"; |
| } |
| |
| function finish() { |
| document.querySelector("pre").innerHTML = result; |
| if (window.testRunner) |
| testRunner.notifyDone(); |
| } |
| </script> |
| <!-- This script should _not_ load, nor fire onload. --> |
| <script crossorigin="anonymous" src="http://localhost:8000/security/resources/cors-script.php?cors=false&value=FAIL" onload="must_not_fire()" onerror="finish();"></script> |