content/base/test/csp/file_csp_report.sjs@129ffea94266
content/base/test/csp/file_csp_report.sjs
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
1 // SJS file for CSP violation report test
2 // https://bugzilla.mozilla.org/show_bug.cgi?id=548193
3 function handleRequest(request, response)
4 {
5 var query = {};
6 request.queryString.split('&').forEach(function (val) {
7 var [name, value] = val.split('=');
8 query[name] = unescape(value);
9 });
11 response.setHeader("Content-Type", "text/html", false);
13 // avoid confusing cache behaviors
14 response.setHeader("Cache-Control", "no-cache", false);
16 // set CSP header
17 response.setHeader("X-Content-Security-Policy",
18 "allow 'self'; report-uri http://mochi.test:8888/csp-report.cgi",
19 false);
21 // content which will trigger a violation report
22 response.write('<html><body>');
23 response.write('<img src="http://example.org/tests/content/base/test/file_CSP.sjs?testid=img_bad&type=img/png"> </img>');
24 response.write('</body></html>');
25 }
