[ tor-browser ].git.dasho

form-action-src-allowed-target-blank.sub.html (1089B)

      1 <!DOCTYPE html>
      2 <html>
      3 <head>
      4  <title>form-action-src-redirect-allowed-target-blank</title>
      5  <meta http-equiv="Content-Security-Policy" content="form-action 'self'">
      6  <script src="/resources/testharness.js"></script>
      7  <script src="/resources/testharnessreport.js"></script>
      8  <script>
      9    function OnDocumentLoaded() {
     10      let test = async_test("form submission targetting _blank allowed after a redirect");
     11      window.addEventListener("message", function(event) {
     12        if (event.data == "DocumentNotBlocked") {
     13          event.source.close();
     14          test.done();
     15        }
     16      });
     17 
     18      let form = document.getElementById("form");
     19      form.action =
     20        "/content-security-policy/form-action/support/post-message-to-opener.sub.html";
     21 
     22      let submit = document.getElementById("submit");
     23      submit.click();
     24    }
     25  </script>
     26 </head>
     27 <body onload="OnDocumentLoaded();">
     28  <form id="form" method="GET" target="_blank" rel="opener">
     29    <input type="hidden" name="message" value="DocumentNotBlocked">
     30    <input type="submit" id="submit">
     31  </form>
     32 </body>
     33 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE