chrome/test/data/load_image/image_csp_default_src.html - chromium/src - Git at Google

 <html>
 <head>
   <!--
    Restrict all resource access for other origins and unblock inline script and
    eval execution for testing purposes.
   -->
   <meta http-equiv="Content-Security-Policy"
    content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
 </head>
 <img alt="long_placeholder_text"/>
 <script src="common.js"></script>
 <script>
 window.onload = () => {
   setTimeout(() => {
     document.images[0].src = "image.png"
   }, 1000);
 }
 </script>
 </html>
	<html>
	<head>
	<!--
	Restrict all resource access for other origins and unblock inline script and
	eval execution for testing purposes.
	-->
	<meta http-equiv="Content-Security-Policy"
	content="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
	</head>
	<img alt="long_placeholder_text"/>
	<script src="common.js"></script>
	<script>
	window.onload = () => {
	setTimeout(() => {
	document.images[0].src = "image.png"
	}, 1000);
	}
	</script>
	</html>