content/base/test/csp/file_csp_report.sjs@deefc01c0e14
content/base/test/csp/file_csp_report.sjs
Thu, 15 Jan 2015 21:03:48 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 15 Jan 2015 21:03:48 +0100
- branch
- TOR_BUG_9701
- changeset 11
- deefc01c0e14
- permissions
- -rw-r--r--
Integrate friendly tips from Tor colleagues to make (or not) 4.5 alpha 3;
This includes removal of overloaded (but unused) methods, and addition of
a overlooked call to DataStruct::SetData(nsISupports, uint32_t, bool.)
1 // SJS file for CSP violation report test
2 // https://bugzilla.mozilla.org/show_bug.cgi?id=548193
3 function handleRequest(request, response)
4 {
5 var query = {};
6 request.queryString.split('&').forEach(function (val) {
7 var [name, value] = val.split('=');
8 query[name] = unescape(value);
9 });
11 response.setHeader("Content-Type", "text/html", false);
13 // avoid confusing cache behaviors
14 response.setHeader("Cache-Control", "no-cache", false);
16 // set CSP header
17 response.setHeader("X-Content-Security-Policy",
18 "allow 'self'; report-uri http://mochi.test:8888/csp-report.cgi",
19 false);
21 // content which will trigger a violation report
22 response.write('<html><body>');
23 response.write('<img src="http://example.org/tests/content/base/test/file_CSP.sjs?testid=img_bad&type=img/png"> </img>');
24 response.write('</body></html>');
25 }
