OLD | NEW |
(Empty) | |
| 1 <!DOCTYPE html> |
| 2 <html> |
| 3 |
| 4 <head> |
| 5 <!-- Programmatically converted from a WebKit Reftest, please forgive result
ing idiosyncracies.--> |
| 6 <title>srcdoc-doesnt-bypass-script-src</title> |
| 7 <script src="/resources/testharness.js"></script> |
| 8 <script src="/resources/testharnessreport.js"></script> |
| 9 <script src="../support/alertAssert.sub.js?alerts=%5B%5D"></script> |
| 10 <!-- enforcing policy: |
| 11 script-src 'self'; connect-src 'self'; |
| 12 --> |
| 13 </head> |
| 14 |
| 15 <body> |
| 16 This test passes if it doesn't alert fail. |
| 17 <iframe srcdoc="<script>window.parent.alert_assert('FAIL')&l
t;/script>"></iframe> |
| 18 <div id="log"></div> |
| 19 <script async defer src="../support/checkReport.sub.js?reportExists=true&
;reportField=violated-directive&reportValue=script-src%20'self'"><
/script> |
| 20 </body> |
| 21 |
| 22 </html> |
OLD | NEW |