diff options
Diffstat (limited to '')
2 files changed, 23 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html b/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html new file mode 100644 index 0000000000..1cfff902a2 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html @@ -0,0 +1,16 @@ +<!DOCTYPE html> +<html> +<head> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <title>Blocked relative images are reported correctly</title> + <!-- CSP headers +Content-Security-Policy: script-src 'self' 'unsafe-inline' +Content-Security-Policy-Report-Only: img-src 'none'; script-src 'self' 'unsafe-inline'; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} +--> +</head> +<body> + <img src="../support/pass.png"> + <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=img-src%20%27none%27'></script> +</body> +</html> diff --git a/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html.sub.headers b/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html.sub.headers new file mode 100644 index 0000000000..8fb2f58aba --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/reporting/report-blocked-uri.html.sub.headers @@ -0,0 +1,7 @@ +Expires: Mon, 26 Jul 1997 05:00:00 GMT +Cache-Control: no-store, no-cache, must-revalidate +Cache-Control: post-check=0, pre-check=0, false +Pragma: no-cache +Set-Cookie: report-blocked-uri={{$id:uuid()}}; Path=/content-security-policy/reporting/ +Content-Security-Policy: script-src 'self' 'unsafe-inline' +Content-Security-Policy-Report-Only: img-src 'none'; script-src 'self' 'unsafe-inline'; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} |