OLD | NEW |
(Empty) | |
| 1 <!DOCTYPE html> |
| 2 <html> |
| 3 <head> |
| 4 <title>svg-policy-with-resource</title> |
| 5 <script src="/resources/testharness.js"></script> |
| 6 <script src="/resources/testharnessreport.js"></script> |
| 7 </head> |
| 8 |
| 9 <body> |
| 10 <p>Tests that an SVG loaded in an iframe with a policy enforces it, not |
| 11 the policy enforced by this parent frame. The SVG should render and |
| 12 not redirect to a different resource.</p> |
| 13 <div id="log"></div> |
| 14 <?xml version="1.0" standalone="no"?> |
| 15 <svg width="6cm" height="5cm" viewBox="0 0 600 500" |
| 16 xmlns="http://www.w3.org/2000/svg" version="1.1"> |
| 17 |
| 18 <script type="application/ecmascript" |
| 19 xlink:href="http://www1.{{host}}:{{ports[http][0]}}/content-security
-policy/support/.js"> |
| 20 </script> |
| 21 |
| 22 <circle cx="300" cy="225" r="100" fill="lawngreen"/> |
| 23 |
| 24 <text x="300" y="250" |
| 25 font-family="Verdana" |
| 26 font-size="50" |
| 27 text-anchor="middle"> |
| 28 PASS |
| 29 </text> |
| 30 </svg> |
| 31 |
| 32 <script async defer src='../support/checkReport.sub.js?reportField=violated-
directive&reportValue=script-src%20%27self%27+%27unsafe-inline%27'></script> |
| 33 </body> |
| 34 </html> |
OLD | NEW |