| <!DOCTYPE html> |
| <html> |
| |
| <head> |
| <meta id="meta_csp" http-equiv="Content-Security-Policy" content="img-src 'none'"> |
| <title>meta-modified</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src='../support/logTest.sub.js?logs=["PASS", "PASS","TEST COMPLETE"]'></script> |
| </head> |
| |
| <body> |
| <p>Test passes if the image is blocked both before and after policy modification.</p> |
| |
| <script> |
| function testImgSrc() { |
| var img = document.createElement('img'); |
| img.src = '../support/fail.png'; |
| img.onerror = function() { |
| log("PASS"); |
| }; |
| img.onload = function() { |
| log("FAIL"); |
| }; |
| document.body.appendChild(img); |
| } |
| testImgSrc(); |
| document.getElementById("meta_csp").setAttribute("content", "img-src *"); |
| testImgSrc(); |
| log("TEST COMPLETE"); |
| </script> |
| <div id="log"></div> |
| </body> |
| |
| </html> |