report-uri-from-inline-javascript.html (748B)
1 <!DOCTYPE html> 2 <html> 3 <head> 4 <script src="/resources/testharness.js"></script> 5 <script src="/resources/testharnessreport.js"></script> 6 <title>Violation report is sent from inline javascript.</title> 7 <!-- CSP headers 8 Content-Security-Policy: img-src 'none'; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} 9 --> 10 </head> 11 <body> 12 <script> 13 // This script block will trigger a violation report. 14 var i = document.createElement('img'); 15 i.src = '/security/resources/abe.png'; 16 document.body.appendChild(i); 17 </script> 18 <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=img-src%20%27none%27'></script> 19 </body> 20 </html>