tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

style_attribute_allowed.html (1070B)

      1 <!DOCTYPE HTML>
      2 <html>
      3 
      4 <head>
      5    <meta http-equiv="Content-Security-Policy" content="img-src *;
      6                      style-src 'unsafe-hashes' 'sha256-S0VSqEOmzmyOifPfat2sJ7ELOgkldAEbaXlvi5iMqjc=';">
      7    <!--
      8      'sha256-S0VSqEOmzmyOifPfat2sJ7ELOgkldAEbaXlvi5iMqjc=' ==> 'background: green'
      9      -->
     10    <title>Event handlers should be allowed if a matching hash and 'unsafe-hashes' are present</title>
     11    <script src='/resources/testharness.js'></script>
     12    <script src='/resources/testharnessreport.js'></script>
     13 </head>
     14 
     15 <body>
     16    <div id='log'></div>
     17    <script>
     18        var t1 = async_test("Test that the inline style attribute is loaded");
     19 
     20        self.check_for_style = t1.step_func_done(function() {
     21          assert_equals("green", document.getElementById('test').style.background);
     22        });
     23 
     24        window.addEventListener('securitypolicyviolation', t1.unreached_func("Should have not raised any event"));
     25    </script>
     26    <img src='../support/pass.png' id='test' style='background: green'
     27         onload='check_for_style()'>
     28 </body>
     29 
     30 </html>