File: mixedSchemesWithCsp.html

package info (click to toggle)
qtwebengine-opensource-src 5.15.18%2Bdfsg-2
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 2,115,068 kB
  • sloc: cpp: 13,169,354; ansic: 4,248,321; javascript: 1,917,440; python: 554,858; asm: 529,966; xml: 496,623; java: 151,702; objc: 80,776; perl: 73,361; sh: 71,244; cs: 30,383; makefile: 21,992; yacc: 9,125; tcl: 8,500; php: 5,896; sql: 5,518; pascal: 4,510; lex: 2,884; lisp: 2,727; ruby: 559; awk: 200; sed: 40
file content (32 lines) | stat: -rw-r--r-- 1,049 bytes parent folder | download | duplicates (8) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Security-Policy" content="frame-src 'none'">
        <title>Mixed</title>
        <script>
         var result;
         var canary;

         function setIFrameUrl(url) {
             result = undefined;
             canary = undefined;
             document.getElementById("iframe").setAttribute("src", url);
             // Early fire is OK unless the test is expecting cannotLoad.
             // If timeout is too short then a false positive is possible.
             setTimeout(() => { result = result || "cannotLoad"; }, 500);
         }

         addEventListener("load", function() {
             document.getElementById("iframe").addEventListener("load", function() {
                 if (canary && window[0].canary)
                     result = "canLoadAndAccess";
                 else
                     result = "canLoadButNotAccess";
             });
         });
        </script>
    </head>
    <body>
        <iframe id="iframe"></iframe>
    </body>
</html>