wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity
67b4356bb2
gecko/content/base/test/file_CSP_inlinescript_main.html
Ryan VanderMeulen dcdda90f46 Backed out 2 changesets (bug 763879, bug 842657) for landing with an r-. DONTBUILD 
Backed out changeset 254c1ac4ab8b (bug 842657)
Backed out changeset 58a2011beeac (bug 763879)
2013-05-16 11:15:07 -04:00

21 lines
820 B
HTML
Raw Blame History

<!--
-- The original CSP implementation predates the CSP 1.0 spec and didn't
-- block inline styles, so when the prefixed X-Content-Security-Policy header is used,
-- as it is for this file, inline styles should be allowed.
-->
<html>
<head>
<title>CSP inline script tests</title>
</head>
<body onload="window.parent.scriptRan(false, 'eventattr', 'event attribute in body tag fired')">
<script type="text/javascript">
window.parent.scriptRan(false, "textnode", "text node in a script tag executed.");
</script>
<iframe src='javascript:window.parent.parent.scriptRan(false, "jsuri", "javascript: uri in image tag")'></iframe>
<a id='anchortoclick' href='javascript:window.parent.scriptRan(false, "jsuri", "javascript: uri in anchor tag ran when clicked.");'>stuff</a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink