Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 29 insertions, 0 deletions

diff --git a/dom/security/test/csp/file_bug888172.html b/dom/security/test/csp/file_bug888172.html
new file mode 100644
index 0000000000..8c0fc46066
--- /dev/null
+++ b/dom/security/test/csp/file_bug888172.html
@@ -0,0 +1,29 @@
+<!doctype html>
+<html>
+  <body>
+    <ol>
+      <li id="unsafe-inline-script">Inline script (green if allowed, black if blocked)</li>
+      <li id="unsafe-eval-script">Eval script (green if allowed, black if blocked)</li>
+      <li id="unsafe-inline-style">Inline style (green if allowed, black if blocked)</li>
+    </ol>
+
+    <script>
+      // Use inline script to set a style attribute
+    document.getElementById("unsafe-inline-script").style.color = "green";
+
+    // Use eval to set a style attribute
+    // try/catch is used because CSP causes eval to throw an exception when it
+    // is blocked, which would derail the rest of the tests  in this file.
+    try {
+      // eslint-disable-next-line no-eval
+      eval('document.getElementById("unsafe-eval-script").style.color = "green";');
+    } catch (e) {}
+    </script>
+
+    <style>
+      li#unsafe-inline-style {
+        color: green;
+      }
+    </style>
+  </body>
+</html>