blob: 8b809c9e4b281d9e431fe433585b62286bff202e [file] [log] [blame]
CONSOLE ERROR: line 12: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png' because it violates the following Content Security Policy directive: "img-src 'none'".
CONSOLE ERROR: line 9: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-YQwmkO9U3gKLwAFFj9h7BeOrJNIo50emf5tmL1p32RY='), or a nonce ('nonce-...') is required to enable inline execution.
PingLoader dispatched to 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/save-report.php?test=report-and-enforce.php'.
ALERT: PASS
CSP report received:
CONTENT_TYPE: application/csp-report
HTTP_REFERER: http://127.0.0.1:8000/security/contentSecurityPolicy/report-and-enforce.php
REQUEST_METHOD: POST
=== POST DATA ===
{"csp-report":{"document-uri":"http://127.0.0.1:8000/security/contentSecurityPolicy/report-and-enforce.php","referrer":"","violated-directive":"script-src","effective-directive":"script-src","original-policy":"script-src 'self'; report-uri resources/save-report.php?test=report-and-enforce.php","disposition":"report","blocked-uri":"inline","line-number":9,"status-code":200}}