blob: 0a3c50f2804f016355091f2223eff16f0d2cd2f5 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'; report-uri resources/save-report.py">
</head>
<body>
<script>
try {
eval("alert('FAIL')");
} catch (e) {
console.log(e);
console.log('PASS: eval() blocked.');
}
</script>
<script src="resources/go-to-echo-report.js"></script>
</body>
</html>