LayoutTests/http/tests/security/contentSecurityPolicy/block-all-mixed-content/resources/frame-with-insecure-image-with-enforced-and-report-policies.php - WebKit - Git at Google

 <?php
     header("Content-Security-Policy-Report-Only: block-all-mixed-content");
     header("Content-Security-Policy: block-all-mixed-content");
 ?>
 <!DOCTYPE html>
 <html>
 <head>
 <script src="dump-securitypolicyviolation-and-notify-done.js"></script>
 </head>
 <body>
 <script>
 // Use document.write() to bypass the HTMLPreloadScanner and address flakiness.
 document.write('<img src="http://127.0.0.1:8000/security/resources/compass.jpg">');
 </script>
 </body>
 </html>
	<?php
	header("Content-Security-Policy-Report-Only: block-all-mixed-content");
	header("Content-Security-Policy: block-all-mixed-content");
	?>
	<!DOCTYPE html>
	<html>
	<head>
	<script src="dump-securitypolicyviolation-and-notify-done.js"></script>
	</head>
	<body>
	<script>
	// Use document.write() to bypass the HTMLPreloadScanner and address flakiness.
	document.write('<img src="http://127.0.0.1:8000/security/resources/compass.jpg">');
	</script>
	</body>
	</html>