File: object-src-url-allowed.html

package info (click to toggle)
thunderbird 1%3A140.5.0esr-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 4,609,032 kB
  • sloc: cpp: 7,672,739; javascript: 5,901,898; ansic: 3,898,899; python: 1,413,347; xml: 653,997; asm: 462,284; java: 180,927; sh: 113,491; makefile: 20,460; perl: 14,288; objc: 13,059; yacc: 4,583; pascal: 3,352; lex: 1,720; ruby: 1,222; exp: 762; sql: 715; awk: 580; php: 436; lisp: 430; sed: 70; csh: 10
file content (24 lines) | stat: -rw-r--r-- 688 bytes parent folder | download | duplicates (22) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
<!DOCTYPE html>
<html>

<head>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <!--
      Content-Security-Policy:
        object-src 'self';
        script-src 'self' 'unsafe-inline';
        report-uri /reporting/resources/report.py?op=put&reportID={{$id}}
    -->
</head>

<body>
    <object type="image/png" data="/content-security-policy/support/pass.png"></object>
    <!--
      We rely on the report because we can't rely on the onload event for
      "allowed" tests as it is not fired for object and embed
    -->
    <script src='../support/checkReport.sub.js?reportExists=false'></script>
</body>

</html>