[ tor-browser ].git.dasho

file_docwrite_meta.html (833B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4  <title>Bug 663570 - Test doc.write(meta csp)</title>
      5  <meta charset="utf-8">
      6 
      7  <!-- Use doc.write() to apply meta csp -->
      8  <script type="application/javascript">
      9    var metaCSP = "style-src 'none';  script-src 'none'; img-src 'none'";
     10    document.write("<meta http-equiv=\"Content-Security-Policy\" content=\" " + metaCSP + "\">");
     11  </script>
     12 
     13  <!-- try to load a css which is forbidden by meta CSP -->
     14  <link rel="stylesheet" type="text/css" href="file_docwrite_meta.css">
     15 
     16  <!-- try to load a script which is forbidden by meta CSP -->
     17  <script id="testscript" src="file_docwrite_meta.js"></script>
     18 
     19 </head>
     20 <body>
     21 
     22  <!-- try to load an image which is forbidden by meta CSP -->
     23  <img id="testimage" src="http://mochi.test:8888/tests/image/test/mochitest/blue.png"></img>
     24 
     25 </body>
     26 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE