| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="script-src http://localhost:8000/ http://127.0.0.1:8000/js-test-resources/testharness.js http://127.0.0.1:8000/js-test-resources/testharnessreport.js http://127.0.0.1:8000/security/contentSecurityPolicy/resources/redirect-does-not-match-paths.js; img-src http://localhost:8000/ http://127.0.0.1:8000/allowed; child-src http://localhost:8000/ http://127.0.0.1:8000/allowed; style-src http://localhost:8000/ http://127.0.0.1:8000/allowed; connect-src http://localhost:8000/ http://127.0.0.1:8000/allowed"> |
| <script src="/js-test-resources/testharness.js"></script> |
| <script src="/js-test-resources/testharnessreport.js"></script> |
| <!-- This URL redirects to |
| http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script-redirect-not-allowed.js, |
| a URL that is not allowed by the CSP, but should load because it is |
| the result of a redirect and it matches when paths are ignored. --> |
| <!-- If this script loads and runs, it sets script_loaded to true. --> |
| <script src="http://localhost:8000/security/contentSecurityPolicy/resources/redirect.pl?type=script"></script> |
| <link rel="stylesheet" type="text/css" href="http://localhost:8000/security/contentSecurityPolicy/resources/redirect.pl?type=stylesheet" /> |
| </head> |
| <body> |
| <script src="resources/redirect-does-not-match-paths.js"></script> |
| </body> |
| </html> |