Skip to main content

Browse the archive

https://github.com/web-platform-tests/wpt
26 December 2018, 22:31:15 UTC
Raw File
Tip revision: 889dffdab866c3c61e6178681497d2cbd953ac1c authored by Philip Jägenstedt on 21 December 2018, 14:58:28 UTC
[Azure Pipelines] Run all `./wpt run` tests on Windows 10 Insider Preview
Tip revision: 889dffd
script-src-1_1.html 
<!DOCTYPE HTML>
<html>
<head>
    <title>Inline script should not run without 'unsafe-inline' script-src directive.</title>
    <meta http-equiv="Content-Security-Policy" content="script-src 'self';">
    <script src='/resources/testharness.js'></script>
    <script src='/resources/testharnessreport.js'></script>
    <script src='inlineTests.js'></script>
</head>
<body>
    <h1>Inline script should not run without 'unsafe-inline' script-src directive, even for script-src 'self'.</h1>
    <div id='log'></div>

    <script>
      t1.step(function() {assert_unreached('Unsafe inline script ran.');});
    </script>

    <img src='doesnotexist.jpg' onerror='t2.step(function() { assert_unreached("Unsafe inline event handler ran.") });'>
</body>
</html>
back to top