img-png-mislabeled-as-html-nosniff.tentative.sub.html (641B)
1 <!DOCTYPE html> 2 <!-- Test verifies that CORB blocks an image mislabeled as text/html if 3 sniffing is disabled via `X-Content-Type-Options: nosniff` response header. 4 This has an observable effect (the image stops rendering), compared to the 5 behavior with no CORB. 6 --> 7 <meta charset="utf-8"> 8 <!-- Reference page uses same-origin resources, which are not CORB-eligible. --> 9 <link rel="match" href="img-png-mislabeled-as-html-nosniff.tentative.sub-ref.html"> 10 <!-- www1 is cross-origin, so the HTTP response is CORB-eligible --> 11 <img src="http://{{domains[www1]}}:{{ports[http][0]}}/fetch/corb/resources/png-mislabeled-as-html-nosniff.png">