Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(11)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head.html

Issue 132563006: CSP 1.1: <meta> delivery should be ignored outside <head>. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: rebase. Created 6 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inlin e' example.com/js/">
5 <script> 4 <script>
6 if (window.testRunner) 5 if (window.testRunner)
7 testRunner.dumpAsText(); 6 testRunner.dumpAsText();
8 </script> 7 </script>
9 </head> 8 </head>
10 <body> 9 <body>
11 <p>This test passes if the source expression does not throw an "invalid sour ce" error.</p> 10 <p>This test checks that Content Security Policy delivered via a meta elemen t is not enforced if the element is outside the document's head.</p>
11 <meta http-equiv="Content-Security-Policy" content="script-src 'none'">
12 <script>
13 alert("PASS (1/1)");
14 </script>
12 </body> 15 </body>
13 </html> 16 </html>
OLDNEW
« no previous file with comments | « no previous file | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/meta-outside-head-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698