[ tor-browser ].git.dasho

img-src-full-host-wildcard-blocked.sub.html (706B)

      1 <!DOCTYPE html>
      2 <meta http-equiv="Content-Security-Policy" content="img-src *.{{host}}:{{ports[http][0]}}">
      3 <html>
      4 <head>
      5    <title>img-src with full host and wildcard blocks correctly.</title>
      6    <script src='/resources/testharness.js'></script>
      7    <script src='/resources/testharnessreport.js'></script>
      8 </head>
      9 <body>
     10    <div id='log'></div>
     11 
     12    <script>
     13      var t1 = async_test("img src does not match full host and wildcard csp directive");
     14    </script>
     15    <img src='http://{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png'
     16         onload='t1.step(function() { assert_unreached("Image should have loaded"); t1.done(); });'
     17         onerror='t1.done();'>
     18 
     19 </body>
     20 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE