• file
• revisions
• annotate
• diff
• comparison
• raw

content/base/test/csp/file_CSP_main_spec_compliant.html@6474c204b198 (annotated)

content/base/test/csp/file_CSP_main_spec_compliant.html

Wed, 31 Dec 2014 06:09:35 +0100

author

Michael Schloh von Bennewitz <michael@schloh.com>

date

Wed, 31 Dec 2014 06:09:35 +0100

changeset 0

6474c204b198

permissions

-rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

michael@0	1	<html>
michael@0	2	<head>
michael@0	3	<link rel='stylesheet' type='text/css'
michael@0	4	href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_spec_compliant_bad&type=text/css' />
michael@0	5	<link rel='stylesheet' type='text/css'
michael@0	6	href='file_CSP.sjs?testid=style_spec_compliant_good&type=text/css' />
michael@0	7
michael@0	8
michael@0	9	<style>
michael@0	10	/* CSS font embedding tests */
michael@0	11	@font-face {
michael@0	12	font-family: "arbitrary_good";
michael@0	13	src: url('file_CSP.sjs?testid=font_spec_compliant_good&type=application/octet-stream');
michael@0	14	}
michael@0	15	@font-face {
michael@0	16	font-family: "arbitrary_bad";
michael@0	17	src: url('http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=font_spec_compliant_bad&type=application/octet-stream');
michael@0	18	}
michael@0	19
michael@0	20	.div_arbitrary_good { font-family: "arbitrary_good"; }
michael@0	21	.div_arbitrary_bad { font-family: "arbitrary_bad"; }
michael@0	22	</style>
michael@0	23	</head>
michael@0	24	<body>
michael@0	25	<!-- these should be stopped by CSP. :) -->
michael@0	26	<img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_spec_compliant_bad&type=img/png"> </img>
michael@0	27	<audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_spec_compliant_bad&type=audio/vorbis"></audio>
michael@0	28	<script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_spec_compliant_bad&type=text/javascript'></script>
michael@0	29	<iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_spec_compliant_bad&content=FAIL'></iframe>
michael@0	30	<object width="10" height="10">
michael@0	31	<param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash">
michael@0	32	<embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash"></embed>
michael@0	33	</object>
michael@0	34
michael@0	35	<!-- these should load ok. :) -->
michael@0	36	<img src="file_CSP.sjs?testid=img_spec_compliant_good&type=img/png" />
michael@0	37	<audio src="file_CSP.sjs?testid=media_spec_compliant_good&type=audio/vorbis"></audio>
michael@0	38	<script src='file_CSP.sjs?testid=script_spec_compliant_good&type=text/javascript'></script>
michael@0	39	<iframe src='file_CSP.sjs?testid=frame_spec_compliant_good&content=PASS'></iframe>
michael@0	40
michael@0	41	<object width="10" height="10">
michael@0	42	<param name="movie" value="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash">
michael@0	43	<embed src="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash"></embed>
michael@0	44	</object>
michael@0	45
michael@0	46	<!-- XHR tests... they're taken care of in this script,
michael@0	47	and since the URI doesn't have any 'testid' values,
michael@0	48	it will just be ignored by the test framework. -->
michael@0	49	<script src='file_CSP_main_spec_compliant.js'></script>
michael@0	50
michael@0	51	<!-- Support elements for the @font-face test -->
michael@0	52	<div class="div_arbitrary_good">arbitrary good</div>
michael@0	53	<div class="div_arbitrary_bad">arbitrary_bad</div>
michael@0	54	</body>
michael@0	55	</html>