diff options
Diffstat (limited to 'dom/security/test/csp/file_pdfjs_not_subject_to_csp.html')
-rw-r--r-- | dom/security/test/csp/file_pdfjs_not_subject_to_csp.html | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/dom/security/test/csp/file_pdfjs_not_subject_to_csp.html b/dom/security/test/csp/file_pdfjs_not_subject_to_csp.html new file mode 100644 index 0000000000..da5c7f0a6e --- /dev/null +++ b/dom/security/test/csp/file_pdfjs_not_subject_to_csp.html @@ -0,0 +1,21 @@ +<html> +<head> + <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-allowPDF'; base-uri 'self'"> +</head> +<body> +<iframe id="pdfFrame"></iframe> +<br/> +<button id="pdfButton">click to load pdf</button> +<script nonce="allowPDF"> + async function loadPDFIntoIframe() { + let response = await fetch("dummy.pdf"); + let blob = await response.blob(); + var blobUrl = URL.createObjectURL(blob); + var pdfFrame = document.getElementById("pdfFrame"); + pdfFrame.src = blobUrl; + } + let pdfButton = document.getElementById("pdfButton"); + pdfButton.addEventListener("click", loadPDFIntoIframe); +</script> +</body> +</html> |