Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(260)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/image-full-host-wildcard-fails.html

Issue 1367933003: CSP source *.x.y should not match host x.y (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <meta http-equiv="Content-Security-Policy" content="img-src *.127.0.0.1:8000; sc ript-src 'unsafe-inline'"> 4 <meta http-equiv="Content-Security-Policy" content="img-src *.127.0.0.1:8000; sc ript-src 'unsafe-inline'">
5 <script> 5 <script>
6 if (window.testRunner) 6 if (window.testRunner)
7 testRunner.dumpAsText(); 7 testRunner.dumpAsText();
8 </script> 8 </script>
9 </head> 9 </head>
10 <body> 10 <body>
11 <img src="../resources/abe.png" onload="alert(this.width == 76 ? 'PASS' : 'FAIL' )"> 11 <img src="../resources/abe.png" onerror="alert('PASS')">
12 </body> 12 </body>
13 </html> 13 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698