blob: 65d26ac57ede3e1022692313cf7be41f6d884a9f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="Content-Security-Policy" content="default-src 'nonce-abc';">
<title></title>
</head>
<!-- event handler -->
<body onload="alert('onload');">
<!-- img-src -->
<img src="image.png">
<!-- external script -->
<script src=script.js></script>
<!-- inline script -->
<script>
alert("failure");
</script>
<script nonce="abc">
/* worker-src */
new Worker("/worker.js")
</script>
<script nonce="abc">
// eslint-disable-next-line no-eval
eval("hello world");
</script>
</body>
</html>
|
