File: preload-csp-report.https.sub.html

package info (click to toggle)
firefox-esr 140.4.0esr-1~deb13u1
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 4,539,284 kB
  • sloc: cpp: 7,381,286; javascript: 6,388,710; ansic: 3,710,139; python: 1,393,780; xml: 628,165; asm: 426,916; java: 184,004; sh: 65,742; makefile: 19,302; objc: 13,059; perl: 12,912; yacc: 4,583; cs: 3,846; pascal: 3,352; lex: 1,720; ruby: 1,226; exp: 762; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10
file content (30 lines) | stat: -rw-r--r-- 878 bytes parent folder | download | duplicates (21) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
<!DOCTYPE html>
<html>
<body>
<!-- This image will cause a CSP violation, which will trigger an immediate report -->
<script>
    const href = "/reporting/resources/fail.png";

    window.addEventListener('load', async () => {
        // Trigger a CSP error.
        await new Promise(resolve => {
            const link = document.createElement('link');
            link.rel = 'preload';
            link.href = href;
            link.as = 'image';
            document.head.appendChild(link);
            link.addEventListener('error', resolve);
        });

        // Trigger a second CSP error by consuming.
        await new Promise(resolve => {
            const img = document.createElement('img');
            img.src = href;
            img.addEventListener('error', resolve);
            document.body.appendChild(img);
        });
    });
</script>
</body>
</html>