Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(610)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/xssAuditor/resources/javascript-link-safe.php

Issue 2524013002: XSS Auditor: Block by default. (Closed)
Patch Set: Rebase+Test Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <?php header("X-XSS-Protection: 1"); ?>
1 <!DOCTYPE html> 2 <!DOCTYPE html>
2 <html> 3 <html>
3 <head> 4 <head>
4 </head> 5 </head>
5 <body> 6 <body>
6 <a id="anchorLink" href="javascript:alert('This is a safe script.')">test</a> 7 <a id="anchorLink" href="javascript:alert('This is a safe script.')">test</a>
7 <script> 8 <script>
8 var event = document.createEvent('MouseEvent'); 9 var event = document.createEvent('MouseEvent');
9 event.initEvent('click', true, true); 10 event.initEvent('click', true, true);
10 document.getElementById('anchorLink').dispatchEvent(event); 11 document.getElementById('anchorLink').dispatchEvent(event);
11 12
12 if (window.testRunner) 13 if (window.testRunner)
13 testRunner.notifyDone(); 14 testRunner.notifyDone();
14 </script> 15 </script>
15 </body> 16 </body>
16 </html> 17 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698