content/base/test/csp/file_bug886164.html@b8a032363ba2
content/base/test/csp/file_bug886164.html
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 <html>
2 <head> <meta charset="utf-8"> </head>
3 <body>
4 <!-- sandbox="allow-same-origin" -->
5 <!-- Content-Security-Policy: default-src 'self' -->
7 <!-- these should be stopped by CSP -->
8 <img src="http://example.org/tests/content/base/test/csp/file_CSP.sjs?testid=img_bad&type=img/png"> </img>
10 <!-- these should load ok -->
11 <img src="/tests/content/base/test/csp/file_CSP.sjs?testid=img_good&type=img/png" />
12 <script src='/tests/content/base/test/csp/file_CSP.sjs?testid=scripta_bad&type=text/javascript'></script>
14 </body>
15 </html>
