Index: LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html |
=================================================================== |
--- LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html (revision 0) |
+++ LayoutTests/http/tests/security/xss-DENIED-mime-type-execute-as-html.html (revision 49838) |
@@ -0,0 +1,26 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+</head> |
+<body> |
+<script> |
+if (window.layoutTestController) { |
+ layoutTestController.dumpAsText(); |
+} |
+ |
+var mime_types = ["application/atom+xml", "application/json", |
+ "application/javascript", "application/rss+xml", "text/", |
+ "text/cache-manifest", "text/css", "text/ecmascript", |
+ "text/javascript", "text/javascript1.1", "text/javascript1.2", |
+ "text/javascript1.3", "text/jscript", "text/livescript", |
+ "text/plain", "text/vnd.chromium.ftp-dir"]; |
+ |
+for(var i in mime_types) { |
+ var ifr = document.createElement('iframe'); |
+ ifr.src = "http://localhost:8000/security/resources/send-mime-types.php?mt=" + escape(mime_types[i]); |
+ document.body.appendChild(ifr); |
+} |
+</script> |
+<p>Test non-image and javascript mime types are not rendered as HTML.</p> |
+</body> |
+</html> |