tree: c0702cf563c4cfcda6efe3c520c3115f59bf062f [path history] [tgz]
  1. 1.1/
  2. blob-urls-match-self.html
  3. block-mixed-content-hides-warning-expected.txt
  4. block-mixed-content-hides-warning.html
  5. cached-frame-csp-expected.txt
  6. cached-frame-csp.html
  7. combine-multiple-policies-expected.txt
  8. combine-multiple-policies.html
  9. connect-src-anchor-ping-expected.txt
  10. connect-src-anchor-ping.html
  11. connect-src-beacon-allowed-expected.txt
  12. connect-src-beacon-allowed.html
  13. connect-src-beacon-blocked-expected.txt
  14. connect-src-beacon-blocked.html
  15. connect-src-beacon-redirect-to-blocked-expected.txt
  16. connect-src-beacon-redirect-to-blocked.html
  17. connect-src-eventsource-allowed-expected.txt
  18. connect-src-eventsource-allowed.html
  19. connect-src-eventsource-blocked-expected.txt
  20. connect-src-eventsource-blocked.html
  21. connect-src-eventsource-redirect-to-blocked-expected.txt
  22. connect-src-eventsource-redirect-to-blocked.html
  23. connect-src-preload-allowed.html
  24. connect-src-preload-blocked.html
  25. connect-src-websocket-allowed-expected.txt
  26. connect-src-websocket-allowed.html
  27. connect-src-websocket-blocked-expected.txt
  28. connect-src-websocket-blocked.html
  29. connect-src-xmlhttprequest-allowed-expected.txt
  30. connect-src-xmlhttprequest-allowed.html
  31. connect-src-xmlhttprequest-blocked-expected.txt
  32. connect-src-xmlhttprequest-blocked.html
  33. connect-src-xmlhttprequest-redirect-to-blocked-expected.txt
  34. connect-src-xmlhttprequest-redirect-to-blocked.html
  35. csp-header-is-sent.html
  36. default-src-inline-allowed-expected.txt
  37. default-src-inline-allowed.html
  38. default-src-inline-blocked-expected.txt
  39. default-src-inline-blocked.html
  40. directive-parsing-01-expected.txt
  41. directive-parsing-01.html
  42. directive-parsing-02-expected.txt
  43. directive-parsing-02.html
  44. directive-parsing-03-expected.txt
  45. directive-parsing-03.html
  46. directive-parsing-04-expected.txt
  47. directive-parsing-04.html
  48. directive-parsing-05-expected.txt
  49. directive-parsing-05.html
  50. directive-parsing-multiple-headers-expected.txt
  51. directive-parsing-multiple-headers.html
  52. duplicate-directive-expected.txt
  53. duplicate-directive.html
  54. embeddedEnforcement/
  55. eval-allowed-expected.txt
  56. eval-allowed-in-report-only-mode-and-sends-report-expected.txt
  57. eval-allowed-in-report-only-mode-and-sends-report.php
  58. eval-allowed-in-report-only-mode-expected.txt
  59. eval-allowed-in-report-only-mode.php
  60. eval-allowed.html
  61. eval-blocked-and-sends-report-expected.txt
  62. eval-blocked-and-sends-report.php
  63. eval-blocked-expected.txt
  64. eval-blocked-in-about-blank-iframe-expected.txt
  65. eval-blocked-in-about-blank-iframe.html
  66. eval-blocked.html
  67. eval-scripts-setInterval-allowed-expected.txt
  68. eval-scripts-setInterval-allowed.html
  69. eval-scripts-setInterval-blocked-expected.txt
  70. eval-scripts-setInterval-blocked.html
  71. eval-scripts-setTimeout-allowed-expected.txt
  72. eval-scripts-setTimeout-allowed.html
  73. eval-scripts-setTimeout-blocked-expected.txt
  74. eval-scripts-setTimeout-blocked.html
  75. filesystem-urls-match-self.html
  76. frame-src-about-blank-allowed-by-default-expected.txt
  77. frame-src-about-blank-allowed-by-default.html
  78. frame-src-about-blank-allowed-by-scheme-expected.txt
  79. frame-src-about-blank-allowed-by-scheme.html
  80. frame-src-allowed-expected.txt
  81. frame-src-allowed.html
  82. frame-src-blocked.html
  83. frame-src-child-frame-navigates-to-blocked-origin.html
  84. frame-src-cross-origin-load-expected.txt
  85. frame-src-cross-origin-load.html
  86. frame-src-redirect-blocked.html
  87. frame-src-vs-shift-click.html
  88. function-constructor-allowed-expected.txt
  89. function-constructor-allowed.html
  90. function-constructor-blocked-expected.txt
  91. function-constructor-blocked.html
  92. icon-allowed-expected.txt
  93. icon-allowed.html
  94. icon-blocked-expected.txt
  95. icon-blocked.html
  96. iframe-inside-csp-expected.txt
  97. iframe-inside-csp.html
  98. image-allowed-expected.txt
  99. image-allowed.html
  100. image-blocked-alt-content.html
  101. image-blocked-expected.txt
  102. image-blocked.html
  103. image-document-default-src-none-expected.txt
  104. image-document-default-src-none.html
  105. image-full-host-wildcard-fails-expected.txt
  106. image-full-host-wildcard-fails.html
  107. image-host-wildcard-allowed-expected.txt
  108. image-host-wildcard-allowed.html
  109. img-blocked-no-gc-crash-expected.txt
  110. img-blocked-no-gc-crash.html
  111. injected-inline-script-allowed-expected.txt
  112. injected-inline-script-allowed.html
  113. injected-inline-script-blocked-expected.txt
  114. injected-inline-script-blocked.html
  115. injected-inline-style-allowed-expected.txt
  116. injected-inline-style-allowed.html
  117. injected-inline-style-blocked-expected.txt
  118. injected-inline-style-blocked.html
  119. inline-event-handler-blocked-after-injecting-meta-expected.txt
  120. inline-event-handler-blocked-after-injecting-meta.html
  121. inline-script-allowed-expected.txt
  122. inline-script-allowed.html
  123. inline-script-blocked-expected.txt
  124. inline-script-blocked-goofy-expected.txt
  125. inline-script-blocked-goofy.html
  126. inline-script-blocked-javascript-url-expected.txt
  127. inline-script-blocked-javascript-url.html
  128. inline-script-blocked.html
  129. inline-style-allowed-expected.txt
  130. inline-style-allowed-while-cloning-objects-expected.txt
  131. inline-style-allowed-while-cloning-objects.html
  132. inline-style-allowed.html
  133. inline-style-attribute-allowed-expected.txt
  134. inline-style-attribute-allowed.html
  135. inline-style-attribute-blocked-expected.txt
  136. inline-style-attribute-blocked.html
  137. inline-style-attribute-on-html-expected.txt
  138. inline-style-attribute-on-html.html
  139. inline-style-blocked-expected.txt
  140. inline-style-blocked.html
  141. invalid-meta-directives-expected.txt
  142. invalid-meta-directives.html
  143. javascript-url-allowed-expected.txt
  144. javascript-url-allowed.html
  145. javascript-url-blocked-expected.txt
  146. javascript-url-blocked.html
  147. manifest-redirect-blocked-by-connect-src.html
  148. manifest-src-allowed-expected.txt
  149. manifest-src-allowed.html
  150. manifest-src-blocked-expected.txt
  151. manifest-src-blocked.html
  152. manifest.test/
  153. media-src-allowed.html
  154. media-src-blocked.html
  155. media-src-redirect-blocked-by-connect-src.html
  156. media-src-track-block-expected.txt
  157. media-src-track-block.html
  158. multiple-enforce-policies-expected.txt
  159. multiple-enforce-policies.php
  160. multiple-policies-with-nonce.php
  161. multiple-report-policies-expected.txt
  162. multiple-report-policies.php
  163. no-policy-expected.txt
  164. no-policy.html
  165. nonces/
  166. object-in-svg-foreignobject-expected.txt
  167. object-in-svg-foreignobject.html
  168. object-src-applet-archive-codebase-expected.txt
  169. object-src-applet-archive-codebase.html
  170. object-src-applet-archive-expected.txt
  171. object-src-applet-archive.html
  172. object-src-applet-code-codebase-expected.txt
  173. object-src-applet-code-codebase.html
  174. object-src-applet-code-expected.txt
  175. object-src-applet-code.html
  176. object-src-does-not-affect-child-expected.txt
  177. object-src-does-not-affect-child.html
  178. object-src-no-url-allowed-expected.txt
  179. object-src-no-url-allowed.html
  180. object-src-no-url-blocked-expected.txt
  181. object-src-no-url-blocked.html
  182. object-src-none-allowed-expected.txt
  183. object-src-none-allowed.html
  184. object-src-none-blocked-expected.txt
  185. object-src-none-blocked.html
  186. object-src-param-code-blocked-expected.txt
  187. object-src-param-code-blocked.html
  188. object-src-param-movie-blocked-expected.txt
  189. object-src-param-movie-blocked.html
  190. object-src-param-src-blocked-expected.txt
  191. object-src-param-src-blocked.html
  192. object-src-param-url-blocked-expected.txt
  193. object-src-param-url-blocked.html
  194. object-src-url-allowed-expected.txt
  195. object-src-url-allowed.html
  196. object-src-url-blocked-expected.txt
  197. object-src-url-blocked.html
  198. plugin-in-iframe-with-csp-expected.txt
  199. plugin-in-iframe-with-csp.html
  200. policy-does-not-affect-child-expected.txt
  201. policy-does-not-affect-child.html
  202. redirect-does-not-match-paths.html
  203. register-bypassing-scheme-expected.txt
  204. register-bypassing-scheme-partial-expected.txt
  205. register-bypassing-scheme-partial.html
  206. register-bypassing-scheme-script.https.html
  207. register-bypassing-scheme.html
  208. report-and-enforce-expected.txt
  209. report-and-enforce.php
  210. report-blocked-data-uri-expected.txt
  211. report-blocked-data-uri.php
  212. report-blocked-file-uri-expected.txt
  213. report-blocked-file-uri.php
  214. report-blocked-uri-cross-origin-expected.txt
  215. report-blocked-uri-cross-origin.php
  216. report-blocked-uri-expected.txt
  217. report-blocked-uri.php
  218. report-cross-origin-no-cookies-expected.txt
  219. report-cross-origin-no-cookies.php
  220. report-multiple-violations-01-expected.txt
  221. report-multiple-violations-01.php
  222. report-multiple-violations-02-expected.txt
  223. report-multiple-violations-02.php
  224. report-only-expected.txt
  225. report-only-from-header-expected.txt
  226. report-only-from-header.php
  227. report-only-in-meta-expected.txt
  228. report-only-in-meta.html
  229. report-only-report-uri-missing-expected.txt
  230. report-only-report-uri-missing.php
  231. report-only.php
  232. report-original-url.php
  233. report-same-origin-with-cookies-expected.txt
  234. report-same-origin-with-cookies.php
  235. report-uri-expected.txt
  236. report-uri-from-child-frame-expected.txt
  237. report-uri-from-child-frame.html
  238. report-uri-from-inline-javascript-expected.txt
  239. report-uri-from-inline-javascript.php
  240. report-uri-from-javascript-expected.txt
  241. report-uri-from-javascript.php
  242. report-uri-multiple-expected.txt
  243. report-uri-multiple-reversed-expected.txt
  244. report-uri-multiple-reversed.php
  245. report-uri-multiple.php
  246. report-uri-scheme-relative-expected.txt
  247. report-uri-scheme-relative.php
  248. report-uri.php
  249. require-sri-for/
  250. resources/
  251. sandbox-allow-scripts-expected.txt
  252. sandbox-allow-scripts-in-http-header-control-expected.txt
  253. sandbox-allow-scripts-in-http-header-control.html
  254. sandbox-allow-scripts-in-http-header-expected.txt
  255. sandbox-allow-scripts-in-http-header.html
  256. sandbox-allow-scripts-subframe-expected.txt
  257. sandbox-allow-scripts-subframe.php
  258. sandbox-allow-scripts.php
  259. sandbox-empty-expected.txt
  260. sandbox-empty-subframe-expected.txt
  261. sandbox-empty-subframe.html
  262. sandbox-empty.html
  263. sandbox-in-http-header-control-expected.txt
  264. sandbox-in-http-header-control.html
  265. sandbox-in-http-header-expected.txt
  266. sandbox-in-http-header.html
  267. sandbox-invalid-header-expected.txt
  268. sandbox-invalid-header.html
  269. sandbox-report-only-expected.txt
  270. sandbox-report-only.html
  271. script-loads-with-img-src-expected.txt
  272. script-loads-with-img-src.html
  273. script-src-appended-script-expected.txt
  274. script-src-appended-script.html
  275. script-src-blocked-error-event.html
  276. script-src-in-iframe-expected.txt
  277. script-src-in-iframe.html
  278. script-src-none-expected.txt
  279. script-src-none-inline-event-expected.txt
  280. script-src-none-inline-event.html
  281. script-src-none.html
  282. script-src-overrides-default-src-expected.txt
  283. script-src-overrides-default-src.html
  284. script-src-redirect-expected.txt
  285. script-src-redirect.html
  286. script-src-self-blocked-01-expected.txt
  287. script-src-self-blocked-01.html
  288. script-src-self-blocked-02-expected.txt
  289. script-src-self-blocked-02.html
  290. script-src-self-blocked-03-expected.txt
  291. script-src-self-blocked-03.html
  292. script-src-self-expected.txt
  293. script-src-self.html
  294. script-src-star-cross-scheme-expected.txt
  295. script-src-star-cross-scheme.html
  296. script-src-wildcards-disallowed.html
  297. securitypolicyviolation/
  298. service-worker-allowed.html
  299. service-worker-blocked-expected.txt
  300. service-worker-blocked.html
  301. shared-worker-connect-src-allowed-expected.txt
  302. shared-worker-connect-src-allowed.html
  303. shared-worker-connect-src-blocked-expected.txt
  304. shared-worker-connect-src-blocked.html
  305. source-list-parsing-01-expected.txt
  306. source-list-parsing-01.html
  307. source-list-parsing-02-expected.txt
  308. source-list-parsing-02.html
  309. source-list-parsing-03-expected.txt
  310. source-list-parsing-03.html
  311. source-list-parsing-04-expected.txt
  312. source-list-parsing-04.html
  313. source-list-parsing-05-expected.txt
  314. source-list-parsing-05.html
  315. source-list-parsing-06-expected.txt
  316. source-list-parsing-06.html
  317. source-list-parsing-07-expected.txt
  318. source-list-parsing-07.html
  319. source-list-parsing-08-expected.txt
  320. source-list-parsing-08.html
  321. source-list-parsing-09-expected.txt
  322. source-list-parsing-09.html
  323. source-list-parsing-10-expected.txt
  324. source-list-parsing-10.html
  325. source-list-parsing-11.html
  326. source-list-parsing-deprecated-expected.txt
  327. source-list-parsing-deprecated.html
  328. source-list-parsing-malformed-meta-expected.txt
  329. source-list-parsing-malformed-meta.html
  330. source-list-parsing-no-semicolon-expected.txt
  331. source-list-parsing-no-semicolon.html
  332. source-list-parsing-nonascii-expected.txt
  333. source-list-parsing-nonascii.html
  334. source-list-parsing-none-expected.txt
  335. source-list-parsing-none.html
  336. source-list-parsing-paths-01-expected.txt
  337. source-list-parsing-paths-01.html
  338. source-list-parsing-paths-02-expected.txt
  339. source-list-parsing-paths-02.html
  340. source-list-parsing-paths-03-expected.txt
  341. source-list-parsing-paths-03.html
  342. srcdoc-doesnt-bypass-script-src-expected.txt
  343. srcdoc-doesnt-bypass-script-src.html
  344. strict-dynamic/
  345. style-allowed-expected.txt
  346. style-allowed.html
  347. style-blocked-expected.txt
  348. style-blocked.html
  349. style-src-blocked-error-event-expected.txt
  350. style-src-blocked-error-event.html
  351. worker-blob-inherits-csp-expected.txt
  352. worker-blob-inherits-csp.html
  353. worker-connect-src-allowed-expected.txt
  354. worker-connect-src-allowed.html
  355. worker-connect-src-blocked-expected.txt
  356. worker-connect-src-blocked.html
  357. worker-eval-blocked.html
  358. worker-function-function-blocked-expected.txt
  359. worker-function-function-blocked.html
  360. worker-importscripts-blocked-expected.txt
  361. worker-importscripts-blocked.html
  362. worker-multiple-csp-headers.html
  363. worker-redirect-blocked-by-connect-src.html
  364. worker-script-src-expected.txt
  365. worker-script-src.html
  366. worker-set-timeout-blocked-expected.txt
  367. worker-set-timeout-blocked.html
  368. worker-src/
  369. worker-without-own-csp.html
  370. worklet-import-blocked-expected.txt
  371. worklet-import-blocked.html
  372. xmlhttprequest-protected-resource-does-not-crash-expected.txt
  373. xmlhttprequest-protected-resource-does-not-crash.html
  374. xsl-allowed-expected.txt
  375. xsl-allowed.php
  376. xsl-blocked-expected.png
  377. xsl-blocked-expected.txt
  378. xsl-blocked.php
  379. xsl-img-blocked-expected.txt
  380. xsl-img-blocked.php
  381. xsl-unaffected-by-style-src-1-expected.png
  382. xsl-unaffected-by-style-src-1-expected.txt
  383. xsl-unaffected-by-style-src-1.php
  384. xsl-unaffected-by-style-src-2-expected.txt
  385. xsl-unaffected-by-style-src-2.php