tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

file_iframe_sandbox_srcdoc.html (324B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 <head>
      4  <meta charset="utf-8">
      5  <title>Bug 1073952 - CSP should restrict scripts in srcdoc iframe even if sandboxed</title>
      6 </head>
      7 <body>
      8 <iframe srcdoc="<img src=x onerror='parent.postMessage({result: `unexpected-csp-violation`}, `*`);'>"
      9        sandbox="allow-scripts"></iframe>
     10 </body>
     11 </html>