File: test-csp-violation-base-uri.html

package info (click to toggle)
firefox 147.0.4-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 4,683,532 kB
  • sloc: cpp: 7,607,356; javascript: 6,533,348; ansic: 3,775,236; python: 1,415,508; xml: 634,561; asm: 438,949; java: 186,241; sh: 62,760; makefile: 18,079; objc: 13,092; perl: 12,808; yacc: 4,583; cs: 3,846; pascal: 3,448; lex: 1,720; ruby: 1,003; php: 436; lisp: 258; awk: 247; sql: 66; sed: 54; csh: 10; exp: 6
file content (18 lines) | stat: -rw-r--r-- 476 bytes parent folder | download | duplicates (25) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 
<html>
      <head>
          <title>CSP Base-URI Violation Test </title>
          <base href="https://evil.com/">
      </head>
      <body>
          <h1> Crashing the Base Element</h1>
      </body>
      <script>
        "use strict";
        window.violate = ()=>{
          document.head.innerHTML = "";
          const b = document.createElement("base");
          b.href = "https://evil.com";
          document.head.append(b);
        };
      </script>
    </html>