/dom/security/test/csp/
../
Ahem.ttf
File
browser.toml
browser_manifest-src-override-default-src.js
browser_pdfjs_not_subject_to_csp.js
browser_test_bookmarklets.js
browser_test_uir_optional_clicks.js
browser_test_web_manifest.js
browser_test_web_manifest_mixed_content.js
dummy.pdf
file_CSP.css
file_CSP.sjs
file_allow_https_schemes.html
file_base_uri_server.sjs
file_blob_data_schemes.html
file_blob_top_nav_block_modals.html
file_blob_top_nav_block_modals.html^headers^
file_blob_uri_blocks_modals.html
file_blob_uri_blocks_modals.html^headers^
file_block_all_mcb.sjs
file_block_all_mixed_content_frame_navigation1.html
file_block_all_mixed_content_frame_navigation2.html
file_blocked_uri_in_violation_event_after_redirects.html
file_blocked_uri_in_violation_event_after_redirects.sjs
file_blocked_uri_redirect_frame_src.html
file_blocked_uri_redirect_frame_src.html^headers^
file_blocked_uri_redirect_frame_src_server.sjs
file_bug1229639.html
file_bug1229639.html^headers^
file_bug1312272.html
file_bug1312272.html^headers^
file_bug1312272.js
file_bug1452037.html
file_bug1505412.sjs
file_bug1505412_frame.html
file_bug1505412_frame.html^headers^
file_bug1505412_reporter.sjs
file_bug1738418_child.html
file_bug1738418_parent.html
file_bug1738418_parent.html^headers^
file_bug1764343.html
file_bug1777572.html
file_bug663567.xsl
file_bug663567_allows.xml
file_bug663567_allows.xml^headers^
file_bug663567_blocks.xml
file_bug663567_blocks.xml^headers^
file_bug802872.html
file_bug802872.html^headers^
file_bug802872.js
file_bug802872.sjs
file_bug836922_npolicies.html
file_bug836922_npolicies.html^headers^
file_bug836922_npolicies_ro_violation.sjs
file_bug836922_npolicies_violation.sjs
file_bug885433_allows.html
file_bug885433_allows.html^headers^
file_bug885433_blocks.html
file_bug885433_blocks.html^headers^
file_bug886164.html
file_bug886164.html^headers^
file_bug886164_2.html
file_bug886164_2.html^headers^
file_bug886164_3.html
file_bug886164_3.html^headers^
file_bug886164_4.html
file_bug886164_4.html^headers^
file_bug886164_5.html
file_bug886164_5.html^headers^
file_bug886164_6.html
file_bug886164_6.html^headers^
file_bug888172.html
file_bug888172.sjs
file_bug909029_none.html
file_bug909029_none.html^headers^
file_bug909029_star.html
file_bug909029_star.html^headers^
file_bug910139.sjs
file_bug910139.xml
file_bug910139.xsl
file_bug941404.html
file_bug941404_xhr.html
file_bug941404_xhr.html^headers^
file_child-src_iframe.html
file_child-src_inner_frame.html
file_child-src_service_worker.html
file_child-src_service_worker.js
file_child-src_shared_worker-redirect.html
file_child-src_shared_worker.html
file_child-src_shared_worker.js
file_child-src_shared_worker_data.html
file_child-src_worker-redirect.html
file_child-src_worker.html
file_child-src_worker.js
file_child-src_worker_data.html
file_connect-src-fetch.html
file_connect-src.html
file_csp_frame_ancestors_about_blank.html
file_csp_frame_ancestors_about_blank.html^headers^
file_csp_meta_uir.html
file_data-uri_blocked.html
file_data-uri_blocked.html^headers^
file_data_csp_inheritance.html
file_data_csp_merge.html
file_data_doc_ignore_meta_csp.html
file_doccomment_meta.html
file_docwrite_meta.css
file_docwrite_meta.html
file_docwrite_meta.js
file_dual_header_testserver.sjs
file_dummy_pixel.png
file_empty_directive.html
file_empty_directive.html^headers^
file_evalscript_main.html
file_evalscript_main.html^headers^
file_evalscript_main.js
file_evalscript_main_allowed.html
file_evalscript_main_allowed.html^headers^
file_evalscript_main_allowed.js
file_fontloader.sjs
file_fontloader.woff
file_form-action.html
file_form_action_server.sjs
file_frame_ancestors_ro.html
file_frame_ancestors_ro.html^headers^
file_frame_src.js
file_frame_src_child_governs.html
file_frame_src_frame_governs.html
file_frame_src_inner.html
file_frameancestors.sjs
file_frameancestors_main.html
file_frameancestors_main.js
file_frameancestors_userpass.html
file_frameancestors_userpass_frame_a.html
file_frameancestors_userpass_frame_b.html
file_frameancestors_userpass_frame_c.html
file_frameancestors_userpass_frame_c.html^headers^
file_frameancestors_userpass_frame_d.html
file_frameancestors_userpass_frame_d.html^headers^
file_hash_source.html
file_hash_source.html^headers^
file_iframe_parent_location_js.html
file_iframe_sandbox_document_write.html
file_iframe_sandbox_srcdoc.html
file_iframe_sandbox_srcdoc.html^headers^
file_iframe_srcdoc.sjs
file_ignore_unsafe_inline.html
file_ignore_unsafe_inline_multiple_policies_server.sjs
file_ignore_xfo.html
file_ignore_xfo.html^headers^
file_image_document_pixel.png
file_image_document_pixel.png^headers^
file_image_nonce.html
file_image_nonce.html^headers^
file_independent_iframe_csp.html
file_inlinescript.html
file_inlinestyle_main.html
file_inlinestyle_main.html^headers^
file_inlinestyle_main_allowed.html
file_inlinestyle_main_allowed.html^headers^
file_invalid_source_expression.html
file_leading_wildcard.html
file_link_rel_preload.html
file_main.html
file_main.html^headers^
file_main.js
file_meta_element.html
file_meta_header_dual.sjs
file_meta_whitespace_skipping.html
file_multi_policy_injection_bypass.html
file_multi_policy_injection_bypass.html^headers^
file_multi_policy_injection_bypass_2.html
file_multi_policy_injection_bypass_2.html^headers^
file_multipart_testserver.sjs
file_no_log_ignore_xfo.html
file_no_log_ignore_xfo.html^headers^
file_nonce_redirector.sjs
file_nonce_redirects.html
file_nonce_snapshot.sjs
file_nonce_source.html
file_nonce_source.html^headers^
file_null_baseuri.html
file_object_inherit.html
file_parent_location_js.html
file_path_matching.html
file_path_matching.js
file_path_matching_incl_query.html
file_path_matching_redirect.html
file_path_matching_redirect_server.sjs
file_pdfjs_not_subject_to_csp.html
file_ping.html
file_policyuri_regression_from_multipolicy.html
file_policyuri_regression_from_multipolicy.html^headers^
file_policyuri_regression_from_multipolicy_policy
file_punycode_host_src.js
file_punycode_host_src.sjs
file_redirect_content.sjs
file_redirect_report.sjs
file_redirect_worker.sjs
file_redirects_main.html
file_redirects_page.sjs
file_redirects_resource.sjs
file_report.html
file_report_chromescript.js
file_report_font_cache-1.html
file_report_font_cache-2.html
file_report_font_cache-2.html^headers^
file_report_for_import.css
file_report_for_import.html
file_report_for_import_server.sjs
file_report_uri_missing_in_report_only_header.html
file_report_uri_missing_in_report_only_header.html^headers^
file_ro_ignore_xfo.html
file_ro_ignore_xfo.html^headers^
file_sandbox_1.html
file_sandbox_10.html
file_sandbox_11.html
file_sandbox_12.html
file_sandbox_13.html
file_sandbox_2.html
file_sandbox_3.html
file_sandbox_4.html
file_sandbox_5.html
file_sandbox_6.html
file_sandbox_7.html
file_sandbox_8.html
file_sandbox_9.html
file_sandbox_allow_scripts.html
file_sandbox_allow_scripts.html^headers^
file_sandbox_fail.js
file_sandbox_pass.js
file_scheme_relative_sources.js
file_scheme_relative_sources.sjs
file_script_template.html
file_script_template.js
file_self_none_as_hostname_confusion.html
file_self_none_as_hostname_confusion.html^headers^
file_sendbeacon.html
file_service_worker.html
file_service_worker.js
file_spawn_service_worker.js
file_spawn_shared_worker.js
file_spawn_worker.js
file_strict_dynamic.js
file_strict_dynamic_default_src.html
file_strict_dynamic_default_src.js
file_strict_dynamic_js_url.html
file_strict_dynamic_non_parser_inserted.html
file_strict_dynamic_non_parser_inserted_inline.html
file_strict_dynamic_parser_inserted_doc_write.html
file_strict_dynamic_parser_inserted_doc_write_correct_nonce.html
file_strict_dynamic_script_events.html
file_strict_dynamic_script_events_marquee.html
file_strict_dynamic_script_extern.html
file_strict_dynamic_script_inline.html
file_strict_dynamic_unsafe_eval.html
file_subframe_run_js_if_allowed.html
file_subframe_run_js_if_allowed.html^headers^
file_svg_inline_style_base.html
file_svg_inline_style_csp.html
file_svg_inline_style_server.sjs
file_svg_srcset_inline_style_base.html
file_svg_srcset_inline_style_csp.html
file_test_browser_bookmarklets.html
file_test_browser_bookmarklets.html^headers^
file_testserver.sjs
file_uir_top_nav.html
file_uir_top_nav_dummy.html
file_upgrade_insecure.html
file_upgrade_insecure_cors.html
file_upgrade_insecure_cors_server.sjs
file_upgrade_insecure_docwrite_iframe.sjs
file_upgrade_insecure_loopback.html
file_upgrade_insecure_loopback_form.html
file_upgrade_insecure_loopback_server.sjs
file_upgrade_insecure_meta.html
file_upgrade_insecure_navigation.sjs
file_upgrade_insecure_navigation_redirect.sjs
file_upgrade_insecure_navigation_redirect_cross_origin.html
file_upgrade_insecure_navigation_redirect_same_origin.html
file_upgrade_insecure_report_only.html
file_upgrade_insecure_report_only_server.sjs
file_upgrade_insecure_reporting.html
file_upgrade_insecure_reporting_server.sjs
file_upgrade_insecure_server.sjs
file_upgrade_insecure_wsh.py
file_web_manifest.html
file_web_manifest.json
file_web_manifest.json^headers^
file_web_manifest_https.html
file_web_manifest_https.json
file_web_manifest_mixed_content.html
file_web_manifest_remote.html
file_websocket_csp_upgrade.html
file_websocket_explicit.html
file_websocket_self.html
file_websocket_self_wsh.py
file_win_open_blocked.html
file_windowwatcher_frameA.html
file_windowwatcher_subframeB.html
file_windowwatcher_subframeC.html
file_windowwatcher_subframeD.html
file_windowwatcher_win_open.html
file_worker_src.js
file_worker_src_child_governs.html
file_worker_src_script_governs.html
file_worker_src_worker_governs.html
file_xslt_inherits_csp.xml
file_xslt_inherits_csp.xml^headers^
file_xslt_inherits_csp.xsl
main_csp_worker.html
main_csp_worker.html^headers^
mochitest.toml
referrerdirective.sjs
test_301_redirect.html
test_302_redirect.html
test_303_redirect.html
test_307_redirect.html
test_CSP.html
test_allow_https_schemes.html
test_base-uri.html
test_blob_data_schemes.html
test_blob_uri_blocks_modals.html
test_block_all_mixed_content.html
test_block_all_mixed_content_frame_navigation.html
test_blocked_uri_in_reports.html
test_blocked_uri_in_violation_event_after_redirects.html
test_blocked_uri_redirect_frame_src.html
test_bug1229639.html
test_bug1242019.html
test_bug1312272.html
test_bug1388015.html
test_bug1452037.html
test_bug1505412.html
test_bug1579094.html
test_bug1738418.html
test_bug1764343.html
test_bug1777572.html
test_bug663567.html
test_bug802872.html
test_bug836922_npolicies.html
test_bug885433.html
test_bug886164.html
test_bug888172.html
test_bug909029.html
test_bug910139.html
test_bug941404.html
test_child-src_iframe.html
test_child-src_worker-redirect.html
test_child-src_worker.html
test_child-src_worker_data.html
test_connect-src.html
test_csp_frame_ancestors_about_blank.html
test_csp_style_src_empty_hash.html
test_csp_worker_inheritance.html
test_data_csp_inheritance.html
test_data_csp_merge.html
test_data_doc_ignore_meta_csp.html
test_docwrite_meta.html
test_dual_header.html
test_empty_directive.html
test_evalscript.html
test_evalscript_allowed_by_strict_dynamic.html
test_evalscript_blocked_by_strict_dynamic.html
test_fontloader.html
test_form-action.html
test_form_action_blocks_url.html
test_frame_ancestors_ro.html
test_frame_src.html
test_frameancestors.html
test_frameancestors_userpass.html
test_hash_source.html
test_iframe_sandbox.html
test_iframe_sandbox_srcdoc.html
test_iframe_sandbox_top_1.html
test_iframe_sandbox_top_1.html^headers^
test_iframe_srcdoc.html
test_ignore_unsafe_inline.html
test_ignore_xfo.html
test_image_document.html
test_image_nonce.html
test_independent_iframe_csp.html
test_inlinescript.html
test_inlinestyle.html
test_invalid_source_expression.html
test_leading_wildcard.html
test_link_rel_preload.html
test_meta_csp_self.html
test_meta_element.html
test_meta_header_dual.html
test_meta_whitespace_skipping.html
test_multi_policy_injection_bypass.html
test_multipartchannel.html
test_nonce_redirects.html
test_nonce_snapshot.html
test_nonce_source.html
test_null_baseuri.html
test_object_inherit.html
test_parent_location_js.html
test_path_matching.html
test_path_matching_redirect.html
test_ping.html
test_policyuri_regression_from_multipolicy.html
test_punycode_host_src.html
test_redirects.html
test_report.html
test_report_font_cache.html
test_report_for_import.html
test_report_uri_missing_in_report_only_header.html
test_sandbox.html
test_sandbox_allow_scripts.html
test_scheme_relative_sources.html
test_script_template.html
test_security_policy_violation_event.html
test_self_none_as_hostname_confusion.html
test_sendbeacon.html
test_service_worker.html
test_strict_dynamic.html
test_strict_dynamic_default_src.html
test_strict_dynamic_parser_inserted.html
test_subframe_run_js_if_allowed.html
test_svg_inline_style.html
test_uir_top_nav.html
test_uir_windowwatcher.html
test_upgrade_insecure.html
test_upgrade_insecure_cors.html
test_upgrade_insecure_docwrite_iframe.html
test_upgrade_insecure_loopback.html
test_upgrade_insecure_navigation.html
test_upgrade_insecure_navigation_redirect.html
test_upgrade_insecure_report_only.html
test_upgrade_insecure_reporting.html
test_websocket_localhost.html
test_websocket_self.html
test_win_open_blocked.html
test_worker_src.html
test_xslt_inherits_csp.html
worker.sjs
worker_helper.js