The Tor Browser / file revision

content/base/test/csp/file_CSP_main.html@b8a032363ba2

content/base/test/csp/file_CSP_main.html

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

     1 <html>

     2   <head>

     3     <link rel='stylesheet' type='text/css'

     4           href='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=style_bad&type=text/css' />

     5     <link rel='stylesheet' type='text/css'

     6           href='file_CSP.sjs?testid=style_good&type=text/css' />

     7 

     8     <!-- Used to embed inline styles here for testing fonts, but can't do that -->

     9     <!-- due to bug 763879 (block inline styles). Moved these to an external, CSS -->

    10     <!-- file (file_CSP.css).  -->

    11     <link rel='stylesheet' type='text/css' href='file_CSP.css' />

    12 

    13   </head>

    14   <body>

    15     <!-- these should be stopped by CSP.  :) -->

    16     <img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_bad&type=img/png"> </img>

    17     <audio src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=media_bad&type=audio/vorbis"></audio>

    18     <script src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=script_bad&type=text/javascript'></script>

    19     <iframe src='http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=frame_bad&content=FAIL'></iframe>

    20     <object width="10" height="10">

    21       <param name="movie" value="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash">

    22       <embed src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=object_bad&type=application/x-shockwave-flash"></embed>

    23     </object>

    24 

    25     <!-- these should load ok.  :) -->

    26     <img src="file_CSP.sjs?testid=img_good&type=img/png" />

    27     <audio src="file_CSP.sjs?testid=media_good&type=audio/vorbis"></audio>

    28     <script src='file_CSP.sjs?testid=script_good&type=text/javascript'></script>

    29     <iframe src='file_CSP.sjs?testid=frame_good&content=PASS'></iframe>

    30 

    31     <object width="10" height="10">

    32       <param name="movie" value="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash">

    33       <embed src="file_CSP.sjs?testid=object_good&type=application/x-shockwave-flash"></embed>

    34     </object>

    35 

    36     <!-- XHR tests... they're taken care of in this script, 

    37          and since the URI doesn't have any 'testid' values, 

    38          it will just be ignored by the test framework.  -->

    39     <script src='file_CSP_main.js'></script>

    40 

    41     <!-- Support elements for the @font-face test -->

    42     <div class="div_arbitrary_good">arbitrary good</div>

    43     <div class="div_arbitrary_bad">arbitrary_bad</div>

    44   </body>

    45 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial