blob: 038af2395187f4ca5da6d511108be13610d2ed18 [file] [log] [blame]
<?php
header("Content-Security-Policy: img-src 'none'; report-uri /security/contentSecurityPolicy/resources/save-report.php");
?>
<!DOCTYPE html>
<html>
<body>
<script>
// Normal browsing mode
var xhr = new XMLHttpRequest();
xhr.open("GET", "/cookies/resources/setCookies.cgi", false);
xhr.setRequestHeader("SET-COOKIE", "hello=world;path=/");
xhr.send(null);
if (window.testRunner)
testRunner.setPrivateBrowsingEnabled_DEPRECATED(true);
</script>
<!-- This image will generate a CSP violation report. -->
<img src="/security/resources/abe.png">
<script src="resources/go-to-echo-report.js"></script>
</body>
</html>