same-origin-report.https.sub.html (433B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <title>Generates a CSP violation report and sends it to a same-origin endpoint</title> 5 </head> 6 <body> 7 <script> 8 const img = document.createElement('img'); 9 img.src = "/reporting/resources/fail.png"; 10 document.body.appendChild(img); 11 // Post back to the main frame that the report should have been queued. 12 top.postMessage("done", "*"); 13 </script> 14 </body> 15 </html>