diff options
Diffstat (limited to '')
2 files changed, 10 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html b/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html new file mode 100644 index 0000000000..9ea069969c --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html @@ -0,0 +1,6 @@ +<script nonce="abc"> + var blob_string = "<script>alert(document.domain)<\/script>"; + var blob = new Blob([blob_string], {type : 'text/html'}); + var url = URL.createObjectURL(blob); + location.href=url; +</script> diff --git a/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html.sub.headers b/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html.sub.headers new file mode 100644 index 0000000000..2642b0fa06 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/inheritance/support/navigate-self-to-blob.html.sub.headers @@ -0,0 +1,4 @@ +Expires: Mon, 26 Jul 1997 05:00:00 GMT +Cache-Control: no-store, no-cache, must-revalidate +Pragma: no-cache +Content-Security-Policy: {{GET[csp]}}; report-uri http://{{host}}:{{ports[http][0]}}/reporting/resources/report.py?op=put&reportID={{GET[report_id]}} |