browser/components/sessionstore/test/browser_911547_sample.html@129ffea94266
browser/components/sessionstore/test/browser_911547_sample.html
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <title>Test 911547</title>
5 </head>
6 <body>
8 <!--
9 this element gets modified by an injected script;
10 that script should be blocked by CSP.
11 Inline scripts can modify it, but not data uris.
12 -->
13 <input type="text" id="test_id" value="ok">
15 <a id="test_data_link" href="data:text/html,<input type='text' id='test_id2' value='ok'/> <script>document.getElementById('test_id2').value = 'fail';</script>">Test Link</a>
17 </body>
18 </html>
