Revision - a337d72 - Move x-frame-options/ into content-security-policy/

Revision a337d7247981123b1c81810227bd49c9d9bedd98 authored by Anne van Kesteren on 24 April 2018, 09:35:09 UTC, committed by Anne van Kesteren on 24 April 2018, 09:35:09 UTC

Move x-frame-options/ into content-security-policy/

The plan of record is for CSP to define X-Frame-Options (with small parts of it in HTML). Moving this directory there to reduce top-level directories (without owner).

Helps with #5915.

1 parent 0d56422

Files
Changes

Permalinks

setrequestheader-header-allowed.htm

<!doctype html>
<html>
  <head>
    <title>XMLHttpRequest: setRequestHeader() - headers that are allowed</title>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <link rel="help" href="https://xhr.spec.whatwg.org/#the-setrequestheader()-method">
  </head>
  <body>
    <div id="log"></div>
    <script>
      function request(header) {
        test(function() {
          var client = new XMLHttpRequest()
          client.open("POST", "resources/inspect-headers.py?filter_value=t1, t2", false)
          client.setRequestHeader(header, "t1")
          client.setRequestHeader(header, "t2")
          client.send(null)
          assert_equals(client.responseText, header + ",")
        }, document.title + " (" + header + ")")
      }
      request("Authorization")
      request("Pragma")
      request("User-Agent")
      request("Content-Transfer-Encoding")
      request("Content-Type")
      request("Overwrite")
      request("If")
      request("Status-URI")
      request("X-Pink-Unicorn")
    </script>
  </body>
</html>

Showing with 0 additions and 0 deletions (0 / 0 diffs computed)

Computing file changes ...