Adding upstream version 110.0.1.upstream/110.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 27 insertions, 0 deletions

diff --git a/dom/security/test/csp/file_meta_element.html b/dom/security/test/csp/file_meta_element.html
new file mode 100644
index 0000000000..17f19c7c86
--- /dev/null
+++ b/dom/security/test/csp/file_meta_element.html
@@ -0,0 +1,27 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <meta http-equiv="Content-Security-Policy"
+        content= "img-src 'none'; script-src 'unsafe-inline'; report-uri http://www.example.com; frame-ancestors https:; sandbox allow-scripts">
+  <title>Bug 663570 - Implement Content Security Policy via meta tag</title>
+</head>
+<body>
+
+  <!-- try to load an image which is forbidden by meta CSP -->
+  <img id="testimage"></img>
+
+  <script type="application/javascript">
+    var myImg = document.getElementById("testimage");
+    myImg.onload = function(e) {
+      window.parent.postMessage({result: "img-loaded"}, "*");
+    };
+    myImg.onerror = function(e) {
+      window.parent.postMessage({result: "img-blocked"}, "*");
+    };
+    //Image should be tried to load only after onload/onerror event declaration.
+    myImg.src = "http://mochi.test:8888/tests/image/test/mochitest/blue.png";
+  </script>
+
+</body>
+</html>