LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head.html - Issue 132563006: CSP 1.1: <meta> delivery should be ignored outside <head>.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head.html

Issue 132563006: CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Created 6 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 <!DOCTYPE html>	1 <!DOCTYPE html>

2 <html>	2 <html>

3 <head>	3 <head>

4 <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inlin e' example.com/js/">

5 <script>	4 <script>

6 if (window.testRunner)	5 if (window.testRunner)

7 testRunner.dumpAsText();	6 testRunner.dumpAsText();

8 </script>	7 </script>

9 </head>	8 </head>

10 <body>	9 <body>

11 <p>This test passes if the source expression does not throw an "invalid sour ce" error.</p>	10 <p>This test checks that Content Security Policy delivered via a meta elemen t is not enforced if the element is outside the document's head.</p>

	11 <meta http-equiv="Content-Security-Policy" content="script-src 'none'">

	12 <script>

	13 alert("PASS (1/1)");

	14 </script>

12 </body>	15 </body>

13 </html>	16 </html>

OLD	NEW

« no previous file with comments | « no previous file | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head-expected.txt » ('j') | Source/core/dom/Document.h » ('J')