| <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> |
| <html> |
| <body> |
| <script src="../resources/securitypolicy-tests-base.js"></script> |
| <script> |
| if (document.securityPolicy.allowsFormAction('http://example.com/')) |
| log('PASS form action is allowed when no policy exists.'); |
| else |
| log('FAIL form action is not allowed when no policy exists.'); |
| |
| |
| injectPolicy("form-action http://notexample.com;"); |
| |
| if (!document.securityPolicy.allowsFormAction('http://example.com/')) |
| log('PASS form action is not allowed when policy exists.'); |
| else |
| log('FAIL form action is allowed when policy exists.'); |
| </script> |
| </body> |
| </html> |