[ tor-browser ].git.dasho

script-src-attr-allowed-src-blocked.html (607B)

      1 <!DOCTYPE html>
      2 <html>
      3 
      4 <head>
      5    <meta http-equiv="Content-Security-Policy" content="script-src-attr 'unsafe-inline';
      6    script-src 'nonce-abc';">
      7    <script nonce='abc' src="/resources/testharness.js"></script>
      8    <script nonce='abc' src="/resources/testharnessreport.js"></script>
      9 </head>
     10 
     11 <body>
     12    <script nonce='abc'>
     13      var t = async_test("Should not fire a security policy violation event");
     14      window.addEventListener('securitypolicyviolation', t.unreached_func("Should not have fired a spv event"));
     15    </script>
     16 
     17    <img src="../support/pass.png" onload="t.done()">
     18 </body>
     19 
     20 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE