third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt - Issue 2428473004: Remove the 'reflected-xss' directive from CSP.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt

Issue 2428473004: Remove the 'reflected-xss' directive from CSP. (Closed)

Patch Set: Test. Created 4 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-2-expected.txt ('k') | third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-4-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 CONSOLE ERROR: Error parsing header X-XSS-Protection: 1; mode=purple: invalid mo de directive at character position 8. The default protections will be applied.	1 CONSOLE ERROR: Error parsing header X-XSS-Protection: 1; mode=purple: invalid mo de directive at character position 8. The default protections will be applied.

2 CONSOLE ERROR: line 4: The XSS Auditor refused to execute a script in 'http://12 7.0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?notifyDone=1&malform ed-header=3&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3 E%3Cp%3EIf%20you%20see%20this%20message%20and%20no%20JavaScript%20alert()%20then %20the%20test%20PASSED.%3C/p%3E' because its source code was found within the re quest. The auditor was enabled as the server sent neither an 'X-XSS-Protection' nor 'Content-Security-Policy' header.	2 CONSOLE ERROR: line 4: The XSS Auditor refused to execute a script in 'http://12 7.0.0.1:8000/security/xssAuditor/resources/echo-intertag.pl?notifyDone=1&malform ed-header=3&q=%3Cscript%3Ealert(String.fromCharCode(0x58,0x53,0x53))%3C/script%3 E%3Cp%3EIf%20you%20see%20this%20message%20and%20no%20JavaScript%20alert()%20then %20the%20test%20PASSED.%3C/p%3E' because its source code was found within the re quest. The auditor was enabled as the server did not send an 'X-XSS-Protection' header.

3 This tests that a malformed X-XSS-Protection header is not ignored and an error is reported when the mode= token is invalid.	3 This tests that a malformed X-XSS-Protection header is not ignored and an error is reported when the mode= token is invalid.

4	4

5	5

6	6

7 --------	7 --------

8 Frame: 'frame'	8 Frame: 'frame'

9 --------	9 --------

10 If you see this message and no JavaScript alert() then the test PASSED.	10 If you see this message and no JavaScript alert() then the test PASSED.

11	11

12 Page rendered here.	12 Page rendered here.

OLD	NEW