tree: 889e1ff6032e25fe9ac62ad9d465d107a2f2e8c6 [path history] [tgz]
  1. 1.1/
  2. blob-urls-match-self.html
  3. block-mixed-content-hides-warning-expected.txt
  4. block-mixed-content-hides-warning.html
  5. cached-frame-csp-expected.txt
  6. cached-frame-csp.html
  7. cascade/
  8. combine-multiple-policies-expected.txt
  9. combine-multiple-policies.html
  10. connect-src-anchor-ping-expected.txt
  11. connect-src-anchor-ping.html
  12. connect-src-beacon-allowed-expected.txt
  13. connect-src-beacon-allowed.html
  14. connect-src-beacon-blocked-expected.txt
  15. connect-src-beacon-blocked.html
  16. connect-src-beacon-redirect-to-blocked-expected.txt
  17. connect-src-beacon-redirect-to-blocked.html
  18. connect-src-eventsource-allowed-expected.txt
  19. connect-src-eventsource-allowed.html
  20. connect-src-eventsource-blocked-expected.txt
  21. connect-src-eventsource-blocked.html
  22. connect-src-eventsource-redirect-to-blocked-expected.txt
  23. connect-src-eventsource-redirect-to-blocked.html
  24. connect-src-preload-allowed.html
  25. connect-src-preload-blocked.html
  26. connect-src-websocket-allowed-expected.txt
  27. connect-src-websocket-allowed.html
  28. connect-src-websocket-blocked-expected.txt
  29. connect-src-websocket-blocked.html
  30. connect-src-xmlhttprequest-allowed-expected.txt
  31. connect-src-xmlhttprequest-allowed.html
  32. connect-src-xmlhttprequest-blocked-expected.txt
  33. connect-src-xmlhttprequest-blocked.html
  34. connect-src-xmlhttprequest-redirect-to-blocked-expected.txt
  35. connect-src-xmlhttprequest-redirect-to-blocked.html
  36. csp-header-is-sent.html
  37. default-src-inline-allowed-expected.txt
  38. default-src-inline-allowed.html
  39. default-src-inline-blocked-expected.txt
  40. default-src-inline-blocked.html
  41. directive-parsing-01-expected.txt
  42. directive-parsing-01.html
  43. directive-parsing-02-expected.txt
  44. directive-parsing-02.html
  45. directive-parsing-03-expected.txt
  46. directive-parsing-03.html
  47. directive-parsing-04-expected.txt
  48. directive-parsing-04.html
  49. directive-parsing-05-expected.txt
  50. directive-parsing-05.html
  51. directive-parsing-multiple-headers-expected.txt
  52. directive-parsing-multiple-headers.html
  53. duplicate-directive-expected.txt
  54. duplicate-directive.html
  55. embeddedEnforcement/
  56. eval-allowed-expected.txt
  57. eval-allowed-in-report-only-mode-and-sends-report-expected.txt
  58. eval-allowed-in-report-only-mode-and-sends-report.php
  59. eval-allowed-in-report-only-mode-expected.txt
  60. eval-allowed-in-report-only-mode.php
  61. eval-allowed.html
  62. eval-blocked-and-sends-report-expected.txt
  63. eval-blocked-and-sends-report.php
  64. eval-blocked-expected.txt
  65. eval-blocked-in-about-blank-iframe-expected.txt
  66. eval-blocked-in-about-blank-iframe.html
  67. eval-blocked.html
  68. eval-scripts-setInterval-allowed-expected.txt
  69. eval-scripts-setInterval-allowed.html
  70. eval-scripts-setInterval-blocked-expected.txt
  71. eval-scripts-setInterval-blocked.html
  72. eval-scripts-setTimeout-allowed-expected.txt
  73. eval-scripts-setTimeout-allowed.html
  74. eval-scripts-setTimeout-blocked-expected.txt
  75. eval-scripts-setTimeout-blocked.html
  76. filesystem-urls-match-self.html
  77. frame-src-about-blank-allowed-by-default-expected.txt
  78. frame-src-about-blank-allowed-by-default.html
  79. frame-src-about-blank-allowed-by-scheme-expected.txt
  80. frame-src-about-blank-allowed-by-scheme.html
  81. frame-src-allowed-expected.txt
  82. frame-src-allowed.html
  83. frame-src-blocked.html
  84. frame-src-child-frame-navigates-to-blocked-origin.html
  85. frame-src-cross-origin-load-expected.txt
  86. frame-src-cross-origin-load.html
  87. frame-src-redirect-blocked.html
  88. frame-src-vs-shift-click.html
  89. function-constructor-allowed-expected.txt
  90. function-constructor-allowed.html
  91. function-constructor-blocked-expected.txt
  92. function-constructor-blocked.html
  93. icon-allowed-expected.txt
  94. icon-allowed.html
  95. icon-blocked-expected.txt
  96. icon-blocked.html
  97. iframe-inside-csp-expected.txt
  98. iframe-inside-csp.html
  99. image-allowed-expected.txt
  100. image-allowed.html
  101. image-blocked-alt-content.html
  102. image-blocked-expected.txt
  103. image-blocked.html
  104. image-document-default-src-none-expected.txt
  105. image-document-default-src-none.html
  106. image-full-host-wildcard-fails-expected.txt
  107. image-full-host-wildcard-fails.html
  108. image-host-wildcard-allowed-expected.txt
  109. image-host-wildcard-allowed.html
  110. img-blocked-no-gc-crash-expected.txt
  111. img-blocked-no-gc-crash.html
  112. injected-inline-script-allowed-expected.txt
  113. injected-inline-script-allowed.html
  114. injected-inline-script-blocked-expected.txt
  115. injected-inline-script-blocked.html
  116. injected-inline-style-allowed-expected.txt
  117. injected-inline-style-allowed.html
  118. injected-inline-style-blocked-expected.txt
  119. injected-inline-style-blocked.html
  120. inline-event-handler-blocked-after-injecting-meta-expected.txt
  121. inline-event-handler-blocked-after-injecting-meta.html
  122. inline-script-allowed-expected.txt
  123. inline-script-allowed.html
  124. inline-script-blocked-expected.txt
  125. inline-script-blocked-goofy-expected.txt
  126. inline-script-blocked-goofy.html
  127. inline-script-blocked.html
  128. inline-style-allowed-expected.txt
  129. inline-style-allowed-while-cloning-objects-expected.txt
  130. inline-style-allowed-while-cloning-objects.html
  131. inline-style-allowed.html
  132. inline-style-attribute-allowed-expected.txt
  133. inline-style-attribute-allowed.html
  134. inline-style-attribute-blocked-expected.txt
  135. inline-style-attribute-blocked.html
  136. inline-style-attribute-on-html-expected.txt
  137. inline-style-attribute-on-html.html
  138. inline-style-blocked-expected.txt
  139. inline-style-blocked.html
  140. invalid-meta-directives-expected.txt
  141. invalid-meta-directives.html
  142. manifest-redirect-blocked-by-connect-src.html
  143. manifest-src-allowed-expected.txt
  144. manifest-src-allowed.html
  145. manifest-src-blocked-expected.txt
  146. manifest-src-blocked.html
  147. manifest.test/
  148. media-src-allowed.html
  149. media-src-blocked.html
  150. media-src-redirect-blocked-by-connect-src.html
  151. media-src-track-block-expected.txt
  152. media-src-track-block.html
  153. multiple-enforce-policies-expected.txt
  154. multiple-enforce-policies.php
  155. multiple-policies-with-nonce.php
  156. multiple-report-policies-expected.txt
  157. multiple-report-policies.php
  158. navigation/
  159. no-policy-expected.txt
  160. no-policy.html
  161. nonces/
  162. object-in-svg-foreignobject-expected.txt
  163. object-in-svg-foreignobject.html
  164. object-src-applet-archive-codebase-expected.txt
  165. object-src-applet-archive-codebase.html
  166. object-src-applet-archive-expected.txt
  167. object-src-applet-archive.html
  168. object-src-applet-code-codebase-expected.txt
  169. object-src-applet-code-codebase.html
  170. object-src-applet-code-expected.txt
  171. object-src-applet-code.html
  172. object-src-does-not-affect-child-expected.txt
  173. object-src-does-not-affect-child.html
  174. object-src-no-url-allowed-expected.txt
  175. object-src-no-url-allowed.html
  176. object-src-no-url-blocked-expected.txt
  177. object-src-no-url-blocked.html
  178. object-src-none-allowed-expected.txt
  179. object-src-none-allowed.html
  180. object-src-none-blocked-expected.txt
  181. object-src-none-blocked.html
  182. object-src-param-code-blocked-expected.txt
  183. object-src-param-code-blocked.html
  184. object-src-param-movie-blocked-expected.txt
  185. object-src-param-movie-blocked.html
  186. object-src-param-src-blocked-expected.txt
  187. object-src-param-src-blocked.html
  188. object-src-param-url-blocked-expected.txt
  189. object-src-param-url-blocked.html
  190. object-src-url-allowed-expected.txt
  191. object-src-url-allowed.html
  192. object-src-url-blocked-expected.txt
  193. object-src-url-blocked.html
  194. plugin-in-iframe-with-csp-expected.txt
  195. plugin-in-iframe-with-csp.html
  196. policy-does-not-affect-child-expected.txt
  197. policy-does-not-affect-child.html
  198. redirect-does-not-match-paths.html
  199. redirect-with-delay.html
  200. register-bypassing-scheme-expected.txt
  201. register-bypassing-scheme-partial-expected.txt
  202. register-bypassing-scheme-partial.html
  203. register-bypassing-scheme-script.https.html
  204. register-bypassing-scheme.html
  205. report-and-enforce-expected.txt
  206. report-and-enforce.php
  207. report-blocked-data-uri-expected.txt
  208. report-blocked-data-uri.php
  209. report-blocked-file-uri-expected.txt
  210. report-blocked-file-uri.php
  211. report-blocked-uri-cross-origin-expected.txt
  212. report-blocked-uri-cross-origin.php
  213. report-blocked-uri-expected.txt
  214. report-blocked-uri.php
  215. report-cross-origin-no-cookies-expected.txt
  216. report-cross-origin-no-cookies.php
  217. report-multiple-violations-01-expected.txt
  218. report-multiple-violations-01.php
  219. report-multiple-violations-02-expected.txt
  220. report-multiple-violations-02.php
  221. report-only-expected.txt
  222. report-only-from-header-expected.txt
  223. report-only-from-header.php
  224. report-only-in-meta-expected.txt
  225. report-only-in-meta.html
  226. report-only-report-uri-missing-expected.txt
  227. report-only-report-uri-missing.php
  228. report-only.php
  229. report-original-url.php
  230. report-same-origin-with-cookies-expected.txt
  231. report-same-origin-with-cookies.php
  232. report-uri-expected.txt
  233. report-uri-from-child-frame-expected.txt
  234. report-uri-from-child-frame.html
  235. report-uri-from-inline-javascript-expected.txt
  236. report-uri-from-inline-javascript.php
  237. report-uri-from-javascript-expected.txt
  238. report-uri-from-javascript.php
  239. report-uri-multiple-expected.txt
  240. report-uri-multiple-reversed-expected.txt
  241. report-uri-multiple-reversed.php
  242. report-uri-multiple.php
  243. report-uri-scheme-relative-expected.txt
  244. report-uri-scheme-relative.php
  245. report-uri.php
  246. require-sri-for/
  247. resources/
  248. sandbox-allow-scripts-expected.txt
  249. sandbox-allow-scripts-in-http-header-control-expected.txt
  250. sandbox-allow-scripts-in-http-header-control.html
  251. sandbox-allow-scripts-in-http-header-expected.txt
  252. sandbox-allow-scripts-in-http-header.html
  253. sandbox-allow-scripts-subframe-expected.txt
  254. sandbox-allow-scripts-subframe.php
  255. sandbox-allow-scripts.php
  256. sandbox-empty-expected.txt
  257. sandbox-empty-subframe-expected.txt
  258. sandbox-empty-subframe.html
  259. sandbox-empty.html
  260. sandbox-in-http-header-control-expected.txt
  261. sandbox-in-http-header-control.html
  262. sandbox-in-http-header-expected.txt
  263. sandbox-in-http-header.html
  264. sandbox-invalid-header-expected.txt
  265. sandbox-invalid-header.html
  266. sandbox-report-only-expected.txt
  267. sandbox-report-only.html
  268. script-loads-with-img-src-expected.txt
  269. script-loads-with-img-src.html
  270. script-src-appended-script-expected.txt
  271. script-src-appended-script.html
  272. script-src-blocked-error-event.html
  273. script-src-in-iframe-expected.txt
  274. script-src-in-iframe.html
  275. script-src-none-expected.txt
  276. script-src-none-inline-event-expected.txt
  277. script-src-none-inline-event.html
  278. script-src-none.html
  279. script-src-overrides-default-src-expected.txt
  280. script-src-overrides-default-src.html
  281. script-src-redirect-expected.txt
  282. script-src-redirect.html
  283. script-src-self-blocked-01-expected.txt
  284. script-src-self-blocked-01.html
  285. script-src-self-blocked-02-expected.txt
  286. script-src-self-blocked-02.html
  287. script-src-self-blocked-03-expected.txt
  288. script-src-self-blocked-03.html
  289. script-src-self-expected.txt
  290. script-src-self.html
  291. script-src-star-cross-scheme-expected.txt
  292. script-src-star-cross-scheme.html
  293. script-src-wildcards-disallowed.html
  294. securitypolicyviolation/
  295. service-worker-allowed.html
  296. service-worker-blocked-expected.txt
  297. service-worker-blocked.html
  298. shared-worker-connect-src-allowed-expected.txt
  299. shared-worker-connect-src-allowed.html
  300. shared-worker-connect-src-blocked-expected.txt
  301. shared-worker-connect-src-blocked.html
  302. source-list-parsing-01-expected.txt
  303. source-list-parsing-01.html
  304. source-list-parsing-02-expected.txt
  305. source-list-parsing-02.html
  306. source-list-parsing-03-expected.txt
  307. source-list-parsing-03.html
  308. source-list-parsing-04-expected.txt
  309. source-list-parsing-04.html
  310. source-list-parsing-05-expected.txt
  311. source-list-parsing-05.html
  312. source-list-parsing-06-expected.txt
  313. source-list-parsing-06.html
  314. source-list-parsing-07-expected.txt
  315. source-list-parsing-07.html
  316. source-list-parsing-08-expected.txt
  317. source-list-parsing-08.html
  318. source-list-parsing-09-expected.txt
  319. source-list-parsing-09.html
  320. source-list-parsing-10-expected.txt
  321. source-list-parsing-10.html
  322. source-list-parsing-11.html
  323. source-list-parsing-deprecated-expected.txt
  324. source-list-parsing-deprecated.html
  325. source-list-parsing-malformed-meta-expected.txt
  326. source-list-parsing-malformed-meta.html
  327. source-list-parsing-no-semicolon-expected.txt
  328. source-list-parsing-no-semicolon.html
  329. source-list-parsing-nonascii-expected.txt
  330. source-list-parsing-nonascii.html
  331. source-list-parsing-none-expected.txt
  332. source-list-parsing-none.html
  333. source-list-parsing-paths-01-expected.txt
  334. source-list-parsing-paths-01.html
  335. source-list-parsing-paths-02-expected.txt
  336. source-list-parsing-paths-02.html
  337. source-list-parsing-paths-03-expected.txt
  338. source-list-parsing-paths-03.html
  339. srcdoc-doesnt-bypass-script-src-expected.txt
  340. srcdoc-doesnt-bypass-script-src.html
  341. strict-dynamic/
  342. style-allowed-expected.txt
  343. style-allowed.html
  344. style-blocked-expected.txt
  345. style-blocked.html
  346. style-src-blocked-error-event-expected.txt
  347. style-src-blocked-error-event.html
  348. worker-blob-inherits-csp-expected.txt
  349. worker-blob-inherits-csp.html
  350. worker-connect-src-allowed-expected.txt
  351. worker-connect-src-allowed.html
  352. worker-connect-src-blocked-expected.txt
  353. worker-connect-src-blocked.html
  354. worker-eval-blocked.html
  355. worker-function-function-blocked-expected.txt
  356. worker-function-function-blocked.html
  357. worker-importscripts-blocked-expected.txt
  358. worker-importscripts-blocked.html
  359. worker-multiple-csp-headers.html
  360. worker-redirect-blocked-by-connect-src.html
  361. worker-script-src-expected.txt
  362. worker-script-src.html
  363. worker-set-timeout-blocked-expected.txt
  364. worker-set-timeout-blocked.html
  365. worker-src/
  366. worker-without-own-csp.html
  367. worklet-import-blocked-expected.txt
  368. worklet-import-blocked.html
  369. xmlhttprequest-protected-resource-does-not-crash-expected.txt
  370. xmlhttprequest-protected-resource-does-not-crash.html
  371. xsl-allowed-expected.txt
  372. xsl-allowed.php
  373. xsl-blocked-expected.png
  374. xsl-blocked-expected.txt
  375. xsl-blocked.php
  376. xsl-img-blocked-expected.txt
  377. xsl-img-blocked.php
  378. xsl-unaffected-by-style-src-1-expected.png
  379. xsl-unaffected-by-style-src-1-expected.txt
  380. xsl-unaffected-by-style-src-1.php
  381. xsl-unaffected-by-style-src-2-expected.txt
  382. xsl-unaffected-by-style-src-2.php