tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

document-function-blocked.html (674B)

      1 <!DOCTYPE html>
      2 <script src="/resources/testharness.js"></script>
      3 <script src="/resources/testharnessreport.js"></script>
      4 <script src="/content-security-policy/support/testharness-helper.js"></script>
      5 <body>
      6 <script>
      7  async_test(t => {
      8    let iframe = document.createElement("iframe");
      9    iframe.src = "/content-security-policy/xslt/support/xml-with-stylesheet.xml";
     10    document.body.append(iframe);
     11 
     12    iframe.contentWindow.addEventListener("securitypolicyviolation", t.step_func_done(e => {
     13        assert_true(e.blockedURI.endsWith("xslt/support/empty.xml"), "Blocked empty.xml request")
     14    }));
     15  }, "XSL document() function is blocked by CSP");
     16 </script>
     17 </body>