tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

meta-outside-head.sub.html (1100B)

      1 <!DOCTYPE html>
      2 <html>
      3 
      4 <head>
      5    <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
      6    <title>meta-outside-head</title>
      7    <script src="/resources/testharness.js"></script>
      8    <script src="/resources/testharnessreport.js"></script>
      9    <script src="../support/logTest.sub.js?logs=[]"></script>
     10    <script src='../support/alertAssert.sub.js?alerts=["PASS (1/1)"]'></script>
     11    <!-- enforcing policy:
     12 script-src 'self' 'unsafe-inline' 'nonce-abc'; connect-src 'self';
     13 -->
     14 </head>
     15 
     16 <body>
     17    <script nonce='abc'>
     18        window.addEventListener('securitypolicyviolation', function(e) {
     19            alert_assert("Fail");
     20        });
     21    </script>
     22 
     23    <meta http-equiv="Content-Security-Policy" content="script-src 'self'">
     24    <p>This test checks that Content Security Policy delivered via a meta element is not enforced if the element is outside the document&apos;s head.</p>
     25    <script nonce='abc'>
     26        var aa = "PASS (1/1)";
     27    </script>
     28    <script src="../meta/support/metaHelper.js"></script>
     29    <div id="log"></div>
     30 </body>
     31 
     32 </html>