| Index: LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html
|
| ===================================================================
|
| --- LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html (revision 0)
|
| +++ LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html (revision 49838)
|
| @@ -0,0 +1,26 @@
|
| +<!DOCTYPE html>
|
| +<html>
|
| +<head>
|
| +</head>
|
| +<body>
|
| +<script>
|
| +if (window.layoutTestController) {
|
| + layoutTestController.dumpAsText();
|
| +}
|
| +
|
| +var mime_types = ["application/atom+xml", "application/json",
|
| + "application/javascript", "application/rss+xml", "text/",
|
| + "text/cache-manifest", "text/css", "text/ecmascript",
|
| + "text/javascript", "text/javascript1.1", "text/javascript1.2",
|
| + "text/javascript1.3", "text/jscript", "text/livescript",
|
| + "text/plain", "text/vnd.chromium.ftp-dir"];
|
| +
|
| +for(var i in mime_types) {
|
| + var ifr = document.createElement('iframe');
|
| + ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + escape(mime_types[i]);
|
| + document.body.appendChild(ifr);
|
| +}
|
| +</script>
|
| +<p>Test non-image and javascript mime types are not rendered as HTML.</p>
|
| +</body>
|
| +</html>
|
|
|
Chromium Code Reviews
Issue 2845006:
Merge 57386 - 2010-04-09 Abhishek Arya <inferno@chromium.org>... (Closed)
Base URL: svn://chrome-svn/chrome/branches/WebKit/375/