blob: 3060721597ed4a764586ee3fb3c26bee405238a4 [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="img-src 'none'">
<script src="/js-test-resources/js-test.js"></script>
<script src="../resources/securitypolicyviolation-test.js"></script>
<script>
description('Check that a SecurityPolicyViolationEvent is fired upon blocking an image injected via script.');
var expectations = {
'documentURI': document.location.toString(),
'referrer': document.referrer,
'blockedURI': 'http://127.0.0.1:8000/security/resources/abe.png',
'violatedDirective': 'img-src',
'effectiveDirective': 'img-src',
'originalPolicy': 'img-src \'none\'',
'disposition': 'enforce',
'sourceFile': '',
'lineNumber': 0,
'columnNumber': 0,
'statusCode': 200,
};
function run() {
var script = document.createElement('script');
script.src = '../resources/inject-image.js';
document.body.appendChild(script);
}
</script>
</head>
<body>
</body>
</html>