OLD | NEW |
1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
2 <html> | 2 <html> |
3 <head> | 3 <head> |
4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js"><
/script> | 4 <script src="http://localhost:8000/security/xssAuditor/resources/utilities.js"><
/script> |
5 <script> | 5 <script> |
6 if (window.testRunner) { | 6 if (window.testRunner) { |
7 testRunner.dumpAsText(); | 7 testRunner.dumpAsText(); |
8 testRunner.dumpChildFramesAsText(); | 8 testRunner.dumpChildFramesAsText(); |
9 testRunner.waitUntilDone(); | 9 testRunner.waitUntilDone(); |
10 testRunner.setXSSAuditorEnabled(true); | 10 testRunner.setXSSAuditorEnabled(true); |
11 } | 11 } |
12 </script> | 12 </script> |
13 </head> | 13 </head> |
14 <body> | 14 <body> |
15 <p>This tests that the X-XSS-Protection reports are sent out properly with | 15 <p>This tests that the X-XSS-Protection reports are sent out properly with |
16 the original, unmodified URL even when a history.replaceState() changes it.</p> | 16 the original, unmodified URL even when a history.replaceState() changes it.</p> |
17 <iframe name="frame" src="http://127.0.0.1:8000/security/xssAuditor/resources/ec
ho-intertag.pl?test=report-script-tag.html&echo-report=1&enable-report=1&replace
State=1&q=<script>alert(String.fromCharCode(0x58,0x53,0x53))</script><p>If you s
ee this message, no JavaScript alert(), and a dump of the report below, then the
test PASSED.</p>"> | 17 <iframe id="frame" src="http://127.0.0.1:8000/security/xssAuditor/resources/echo
-intertag.pl?test=report-script-tag.html&echo-report=1&enable-report=1&replaceSt
ate=1&q=<script>alert(String.fromCharCode(0x58,0x53,0x53))</script><p>If you see
this message, no JavaScript alert(), and a dump of the report below, then the t
est PASSED.</p>"> |
18 </iframe> | 18 </iframe> |
19 </body> | 19 </body> |
20 </html> | 20 </html> |
OLD | NEW |