content/base/test/csp/file_csp_report.sjs@97036ab72558
content/base/test/csp/file_csp_report.sjs
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
1 // SJS file for CSP violation report test
2 // https://bugzilla.mozilla.org/show_bug.cgi?id=548193
3 function handleRequest(request, response)
4 {
5 var query = {};
6 request.queryString.split('&').forEach(function (val) {
7 var [name, value] = val.split('=');
8 query[name] = unescape(value);
9 });
11 response.setHeader("Content-Type", "text/html", false);
13 // avoid confusing cache behaviors
14 response.setHeader("Cache-Control", "no-cache", false);
16 // set CSP header
17 response.setHeader("X-Content-Security-Policy",
18 "allow 'self'; report-uri http://mochi.test:8888/csp-report.cgi",
19 false);
21 // content which will trigger a violation report
22 response.write('<html><body>');
23 response.write('<img src="http://example.org/tests/content/base/test/file_CSP.sjs?testid=img_bad&type=img/png"> </img>');
24 response.write('</body></html>');
25 }
