meta-modified.html (974B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <meta id="meta_csp" http-equiv="Content-Security-Policy" content="img-src 'none'"> 6 <title>meta-modified</title> 7 <script src="/resources/testharness.js"></script> 8 <script src="/resources/testharnessreport.js"></script> 9 <script src='../support/logTest.sub.js?logs=["PASS", "PASS","TEST COMPLETE"]'></script> 10 </head> 11 12 <body> 13 <p>Test passes if the image is blocked both before and after policy modification.</p> 14 15 <script> 16 function testImgSrc() { 17 var img = document.createElement('img'); 18 img.src = '../support/fail.png'; 19 img.onerror = function() { 20 log("PASS"); 21 }; 22 img.onload = function() { 23 log("FAIL"); 24 }; 25 document.body.appendChild(img); 26 } 27 testImgSrc(); 28 document.getElementById("meta_csp").setAttribute("content", "img-src *"); 29 testImgSrc(); 30 log("TEST COMPLETE"); 31 </script> 32 <div id="log"></div> 33 </body> 34 35 </html>