content/base/test/csp/file_csp_report.sjs@b8a032363ba2
content/base/test/csp/file_csp_report.sjs
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 // SJS file for CSP violation report test
2 // https://bugzilla.mozilla.org/show_bug.cgi?id=548193
3 function handleRequest(request, response)
4 {
5 var query = {};
6 request.queryString.split('&').forEach(function (val) {
7 var [name, value] = val.split('=');
8 query[name] = unescape(value);
9 });
11 response.setHeader("Content-Type", "text/html", false);
13 // avoid confusing cache behaviors
14 response.setHeader("Cache-Control", "no-cache", false);
16 // set CSP header
17 response.setHeader("X-Content-Security-Policy",
18 "allow 'self'; report-uri http://mochi.test:8888/csp-report.cgi",
19 false);
21 // content which will trigger a violation report
22 response.write('<html><body>');
23 response.write('<img src="http://example.org/tests/content/base/test/file_CSP.sjs?testid=img_bad&type=img/png"> </img>');
24 response.write('</body></html>');
25 }
