The Tor Browser / file comparison
comparison: content/base/test/csp/file_CSP_main_spec_compliant.html
content/base/test/csp/file_CSP_main_spec_compliant.html
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:bf19d99a5a04 |
|---|---|
| 1 <html> | |
| 2 <head> | |
| 3 <link rel='stylesheet' type='text/css' | |
| 4 href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_spec_compliant_bad&type=text/css' /> | |
| 5 <link rel='stylesheet' type='text/css' | |
| 6 href='file_CSP.sjs?testid=style_spec_compliant_good&type=text/css' /> | |
| 7 | |
| 8 | |
| 9 <style> | |
| 10 /* CSS font embedding tests */ | |
| 11 @font-face { | |
| 12 font-family: "arbitrary_good"; | |
| 13 src: url('file_CSP.sjs?testid=font_spec_compliant_good&type=application/octet-stream'); | |
| 14 } | |
| 15 @font-face { | |
| 16 font-family: "arbitrary_bad"; | |
| 17 src: url('http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=font_spec_compliant_bad&type=application/octet-stream'); | |
| 18 } | |
| 19 | |
| 20 .div_arbitrary_good { font-family: "arbitrary_good"; } | |
| 21 .div_arbitrary_bad { font-family: "arbitrary_bad"; } | |
| 22 </style> | |
| 23 </head> | |
| 24 <body> | |
| 25 <!-- these should be stopped by CSP. :) --> | |
| 26 <img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_spec_compliant_bad&type=img/png"> </img> | |
| 27 <audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_spec_compliant_bad&type=audio/vorbis"></audio> | |
| 28 <script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_spec_compliant_bad&type=text/javascript'></script> | |
| 29 <iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_spec_compliant_bad&content=FAIL'></iframe> | |
| 30 <object width="10" height="10"> | |
| 31 <param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash"> | |
| 32 <embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_spec_compliant_bad&type=application/x-shockwave-flash"></embed> | |
| 33 </object> | |
| 34 | |
| 35 <!-- these should load ok. :) --> | |
| 36 <img src="file_CSP.sjs?testid=img_spec_compliant_good&type=img/png" /> | |
| 37 <audio src="file_CSP.sjs?testid=media_spec_compliant_good&type=audio/vorbis"></audio> | |
| 38 <script src='file_CSP.sjs?testid=script_spec_compliant_good&type=text/javascript'></script> | |
| 39 <iframe src='file_CSP.sjs?testid=frame_spec_compliant_good&content=PASS'></iframe> | |
| 40 | |
| 41 <object width="10" height="10"> | |
| 42 <param name="movie" value="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash"> | |
| 43 <embed src="file_CSP.sjs?testid=object_spec_compliant_good&type=application/x-shockwave-flash"></embed> | |
| 44 </object> | |
| 45 | |
| 46 <!-- XHR tests... they're taken care of in this script, | |
| 47 and since the URI doesn't have any 'testid' values, | |
| 48 it will just be ignored by the test framework. --> | |
| 49 <script src='file_CSP_main_spec_compliant.js'></script> | |
| 50 | |
| 51 <!-- Support elements for the @font-face test --> | |
| 52 <div class="div_arbitrary_good">arbitrary good</div> | |
| 53 <div class="div_arbitrary_bad">arbitrary_bad</div> | |
| 54 </body> | |
| 55 </html> |
