browser/components/sessionstore/test/browser_911547_sample.html@6474c204b198 (annotated)
browser/components/sessionstore/test/browser_911547_sample.html
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
| michael@0 | 1 | <!DOCTYPE html> |
| michael@0 | 2 | <html> |
| michael@0 | 3 | <head> |
| michael@0 | 4 | <title>Test 911547</title> |
| michael@0 | 5 | </head> |
| michael@0 | 6 | <body> |
| michael@0 | 7 | |
| michael@0 | 8 | <!-- |
| michael@0 | 9 | this element gets modified by an injected script; |
| michael@0 | 10 | that script should be blocked by CSP. |
| michael@0 | 11 | Inline scripts can modify it, but not data uris. |
| michael@0 | 12 | --> |
| michael@0 | 13 | <input type="text" id="test_id" value="ok"> |
| michael@0 | 14 | |
| michael@0 | 15 | <a id="test_data_link" href="data:text/html,<input type='text' id='test_id2' value='ok'/> <script>document.getElementById('test_id2').value = 'fail';</script>">Test Link</a> |
| michael@0 | 16 | |
| michael@0 | 17 | </body> |
| michael@0 | 18 | </html> |
