fune/dom/security/test/csp/file_sandbox_allow_scripts.html

<!DOCTYPE HTML>
<html>
  <head>
  <meta charset='utf-8'>
  <title>Bug 1396320: Fix CSP sandbox regression for allow-scripts</title>
  </head>
<body>
<script type='application/javascript'>
  window.parent.postMessage({result: document.domain }, '*');
</script>
</body>
</html>