diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /dom/security/test/csp/file_upgrade_insecure_report_only.html | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | dom/security/test/csp/file_upgrade_insecure_report_only.html | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/dom/security/test/csp/file_upgrade_insecure_report_only.html b/dom/security/test/csp/file_upgrade_insecure_report_only.html new file mode 100644 index 0000000000..0c3c36493d --- /dev/null +++ b/dom/security/test/csp/file_upgrade_insecure_report_only.html @@ -0,0 +1,33 @@ +<!DOCTYPE HTML> +<html> +<head> + <meta charset="utf-8"> + <title>Bug 1832249 - Consider report-only flag when upgrading insecure requests</title> +</head> +<body> + <img id="testimage"></img> + + <script> + let route; + if (new URL(document.location).searchParams.get("reportonly")) { + route = "reportonly"; + } + else if (new URL(document.location).searchParams.get("enforce")) { + route = "enforce"; + } + var myImg = document.getElementById("testimage"); + // we need to test http functionality here, so we need to load an http url + /* eslint-disable @microsoft/sdl/no-insecure-url */ + myImg.src = + `http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_report_only_server.sjs?img-${route}`; + /* eslint-enable @microsoft/sdl/no-insecure-url */ + myImg.onload = function(e) { + window.parent.postMessage({result: `${route}-img-ok`}, "*"); + }; + myImg.onerror = function(e) { + window.parent.postMessage({result: `${route}-img-error`}, "*"); + }; + </script> + +</body> +</html> |