mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
600d2857cc
Backed out changeset 254c1ac4ab8b (bug 842657) Backed out changeset 58a2011beeac (bug 763879)
21 lines
820 B
HTML
21 lines
820 B
HTML
<!--
|
|
-- The original CSP implementation predates the CSP 1.0 spec and didn't
|
|
-- block inline styles, so when the prefixed X-Content-Security-Policy header is used,
|
|
-- as it is for this file, inline styles should be allowed.
|
|
-->
|
|
<html>
|
|
<head>
|
|
<title>CSP inline script tests</title>
|
|
</head>
|
|
<body onload="window.parent.scriptRan(false, 'eventattr', 'event attribute in body tag fired')">
|
|
|
|
<script type="text/javascript">
|
|
window.parent.scriptRan(false, "textnode", "text node in a script tag executed.");
|
|
</script>
|
|
|
|
<iframe src='javascript:window.parent.parent.scriptRan(false, "jsuri", "javascript: uri in image tag")'></iframe>
|
|
|
|
<a id='anchortoclick' href='javascript:window.parent.scriptRan(false, "jsuri", "javascript: uri in anchor tag ran when clicked.");'>stuff</a>
|
|
</body>
|
|
</html>
|