Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(84)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/base-uri-deny.html

Issue 2447003002: CSP: 'violated-directive' should match 'effective-directive'. (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/base-uri-deny-expected.txt » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 <!DOCTYPE html> 1 <!DOCTYPE html>
2 <html> 2 <html>
3 <head> 3 <head>
4 <meta http-equiv="Content-Security-Policy" content="base-uri 'self'"> 4 <meta http-equiv="Content-Security-Policy" content="base-uri 'self'">
5 <script src="http://localhost:8000/js-test-resources/js-test.js"></script> 5 <script src="http://localhost:8000/js-test-resources/js-test.js"></script>
6 <script src="http://localhost:8000/security/contentSecurityPolicy/resources/ securitypolicyviolation-test.js"></script> 6 <script src="http://localhost:8000/security/contentSecurityPolicy/resources/ securitypolicyviolation-test.js"></script>
7 <script> 7 <script>
8 description('Check that base URIs cannot be set if they violate the page \'s policy.'); 8 description('Check that base URIs cannot be set if they violate the page \'s policy.');
9 9
10 var expectations = { 10 var expectations = {
11 'documentURI': document.location.toString(), 11 'documentURI': document.location.toString(),
12 'referrer': document.referrer, 12 'referrer': document.referrer,
13 'blockedURI': 'http://example.com/base', 13 'blockedURI': 'http://example.com/base',
14 'violatedDirective': 'base-uri \'self\'', 14 'violatedDirective': 'base-uri',
15 'effectiveDirective': 'base-uri', 15 'effectiveDirective': 'base-uri',
16 'originalPolicy': 'base-uri \'self\'', 16 'originalPolicy': 'base-uri \'self\'',
17 'sourceFile': document.location.toString(), 17 'sourceFile': document.location.toString(),
18 'lineNumber': 24 18 'lineNumber': 24
19 }; 19 };
20 20
21 function run() { 21 function run() {
22 var base = document.createElement('base'); 22 var base = document.createElement('base');
23 base.href = 'http://example.com/base'; 23 base.href = 'http://example.com/base';
24 document.head.appendChild(base); 24 document.head.appendChild(base);
25 25
26 shouldBe('document.baseURI', 'document.location.href'); 26 shouldBe('document.baseURI', 'document.location.href');
27 } 27 }
28 </script> 28 </script>
29 </head> 29 </head>
30 <body> 30 <body>
31 </body> 31 </body>
32 </html> 32 </html>
OLDNEW
« no previous file with comments | « no previous file | third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/base-uri-deny-expected.txt » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698