| OLD | NEW |
|---|
| 1 CONSOLE ERROR: Refused to execute script from 'http://127.0.0.1:8000/security/co
ntentTypeOptions/resources/script-with-header.pl' because its MIME type ('text/p
lain') is not executable, and strict MIME type checking is enabled. | 1 CONSOLE ERROR: Refused to execute script from 'http://127.0.0.1:8000/security/co
ntentTypeOptions/resources/script-with-header.pl?mime=application/json' because
its MIME type ('application/json') is not executable, and strict MIME type check
ing is enabled. |
| 2 Check that script sent with an 'X-Content-Type-Options: nosniff' header is corre
ctly blocked if no 'Content-Type' header is present. | 2 Check that script sent with an 'X-Content-Type-Options: nosniff' header is corre
ctly blocked if the MIME type isn't scripty. |
| 3 | 3 |
| 4 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
". | 4 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
". |
| 5 | 5 |
| 6 | 6 |
| 7 PASS window.scriptsSuccessfullyLoaded is 0 | 7 PASS window.scriptsSuccessfullyLoaded is 0 |
| 8 PASS successfullyParsed is true | 8 PASS successfullyParsed is true |
| 9 | 9 |
| 10 TEST COMPLETE | 10 TEST COMPLETE |
| 11 | 11 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 185593011:
Apply 'x-content-type-options' check to dynamically inserted script. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk