nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity
fune/dom/security/test/csp/file_iframe_sandbox_srcdoc.html
Frederik Braun 56207a1b8b Bug 1073952: tests for iframe sandbox srcdoc and data URIs with CSP r=ckerschb,Tomcat 
MozReview-Commit-ID: 5Q8XIJPrRPk

--HG--
extra : rebase_source : 391431d3585173d096ab58747a854542dfd3adca
2017-01-30 14:12:15 +01:00

11 lines
324 B
HTML
Raw Blame History

<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Bug 1073952 - CSP should restrict scripts in srcdoc iframe even if sandboxed</title>
</head>
<body>
<iframe srcdoc="<img src=x onerror='parent.postMessage({result: `unexpected-csp-violation`}, `*`);'>"
sandbox="allow-scripts"></iframe>
</body>
</html>
View git blame Copy permalink