The Tor Browser / file comparison
comparison: content/base/test/csp/file_CSP_main.html
content/base/test/csp/file_CSP_main.html
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:f2f41998d2ba |
|---|---|
| 1 <html> | |
| 2 <head> | |
| 3 <link rel='stylesheet' type='text/css' | |
| 4 href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_bad&type=text/css' /> | |
| 5 <link rel='stylesheet' type='text/css' | |
| 6 href='file_CSP.sjs?testid=style_good&type=text/css' /> | |
| 7 | |
| 8 <!-- Used to embed inline styles here for testing fonts, but can't do that --> | |
| 9 <!-- due to bug 763879 (block inline styles). Moved these to an external, CSS --> | |
| 10 <!-- file (file_CSP.css). --> | |
| 11 <link rel='stylesheet' type='text/css' href='file_CSP.css' /> | |
| 12 | |
| 13 </head> | |
| 14 <body> | |
| 15 <!-- these should be stopped by CSP. :) --> | |
| 16 <img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_bad&type=img/png"> </img> | |
| 17 <audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_bad&type=audio/vorbis"></audio> | |
| 18 <script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_bad&type=text/javascript'></script> | |
| 19 <iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_bad&content=FAIL'></iframe> | |
| 20 <object width="10" height="10"> | |
| 21 <param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash"> | |
| 22 <embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash"></embed> | |
| 23 </object> | |
| 24 | |
| 25 <!-- these should load ok. :) --> | |
| 26 <img src="file_CSP.sjs?testid=img_good&type=img/png" /> | |
| 27 <audio src="file_CSP.sjs?testid=media_good&type=audio/vorbis"></audio> | |
| 28 <script src='file_CSP.sjs?testid=script_good&type=text/javascript'></script> | |
| 29 <iframe src='file_CSP.sjs?testid=frame_good&content=PASS'></iframe> | |
| 30 | |
| 31 <object width="10" height="10"> | |
| 32 <param name="movie" value="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash"> | |
| 33 <embed src="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash"></embed> | |
| 34 </object> | |
| 35 | |
| 36 <!-- XHR tests... they're taken care of in this script, | |
| 37 and since the URI doesn't have any 'testid' values, | |
| 38 it will just be ignored by the test framework. --> | |
| 39 <script src='file_CSP_main.js'></script> | |
| 40 | |
| 41 <!-- Support elements for the @font-face test --> | |
| 42 <div class="div_arbitrary_good">arbitrary good</div> | |
| 43 <div class="div_arbitrary_bad">arbitrary_bad</div> | |
| 44 </body> | |
| 45 </html> |
