| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="img-src 'none'"> |
| <script src="/js-test-resources/js-test-pre.js"></script> |
| <script src="../resources/securitypolicyviolation-test.js"></script> |
| <script> |
| description('Check that a SecurityPolicyViolationEvent strips detail from cross-origin blocked URLs.'); |
| |
| var expectations = { |
| 'documentURI': document.location.toString(), |
| 'referrer': document.referrer, |
| 'blockedURI': 'http://localhost:8000', |
| 'violatedDirective': 'img-src \'none\'', |
| 'effectiveDirective': 'img-src', |
| 'originalPolicy': 'img-src \'none\'', |
| 'sourceFile': document.location.toString(), |
| 'lineNumber': 25, |
| 'columnNumber': 16, |
| 'statusCode': 200, |
| }; |
| |
| function run() { |
| var img = document.createElement('img'); |
| img.src = 'http://localhost:8000/security/resources/abe.png'; |
| document.body.appendChild(img); |
| } |
| </script> |
| <script src="/js-test-resources/js-test-post.js"></script> |
| </head> |
| <body> |
| </body> |
| </html> |