Content - 23c33d56553817384b0ab6928eb8939459562c48 - ca97ad0/content-security-policy/img-src/img-src-full-host-wildcard-blocked.sub.html

visit type:

Tip revision: 9936e8c644dfcfc1c02ba53fa26c501d64eccc11 authored by Yutaka Hirano on 21 November 2017, 10:42:44 UTC
[XHR] Introduce a mime type parser to a WPT

Tip revision: 9936e8c

img-src-full-host-wildcard-blocked.sub.html

<!DOCTYPE html>
<meta http-equiv="Content-Security-Policy" content="img-src *.{{host}}:{{ports[http][0]}}">
<html>
<head>
    <title>img-src with full host and wildcard blocks correctly.</title>
    <script src='/resources/testharness.js'></script>
    <script src='/resources/testharnessreport.js'></script>
</head>
<body>
    <div id='log'/>

    <script>
      var t1 = async_test("img src does not match full host and wildcard csp directive");
    </script>
    <img src='http://{{host}}:{{ports[http][0]}}/content-security-policy/support/fail.png'
         onload='t1.step(function() { assert_unreached("Image should have loaded"); t1.done(); });'
         onerror='t1.done();'>

</body>
</html>

Browse the archive

https://github.com/web-platform-tests/wpt