tree: a305ac256589abe2ee5f9265aed519eb2545f214 [path history] [tgz]
  1. blob-urls-do-not-match-self.sub.html
  2. blob-urls-do-not-match-self.sub.html.sub.headers
  3. blob-urls-match-blob.sub.html
  4. blob-urls-match-blob.sub.html.sub.headers
  5. combine-header-and-meta-policies.sub.html
  6. combine-header-and-meta-policies.sub.html.sub.headers
  7. combine-multiple-header-policies.html.asis
  8. connect-src-beacon-allowed.sub.html
  9. connect-src-beacon-allowed.sub.html.sub.headers
  10. connect-src-beacon-blocked.sub.html
  11. connect-src-beacon-blocked.sub.html.sub.headers
  12. connect-src-beacon-redirect-to-blocked.sub.html
  13. connect-src-beacon-redirect-to-blocked.sub.html.sub.headers
  14. connect-src-eventsource-allowed.sub.html
  15. connect-src-eventsource-allowed.sub.html.sub.headers
  16. connect-src-eventsource-blocked.sub.html
  17. connect-src-eventsource-blocked.sub.html.sub.headers
  18. connect-src-eventsource-redirect-to-blocked.sub.html
  19. connect-src-eventsource-redirect-to-blocked.sub.html.sub.headers
  20. connect-src-websocket-allowed.sub.html
  21. connect-src-websocket-allowed.sub.html.sub.headers
  22. connect-src-websocket-blocked.sub.html
  23. connect-src-websocket-blocked.sub.html.sub.headers
  24. connect-src-xmlhttprequest-allowed.sub.html
  25. connect-src-xmlhttprequest-allowed.sub.html.sub.headers
  26. connect-src-xmlhttprequest-blocked.sub.html
  27. connect-src-xmlhttprequest-blocked.sub.html.sub.headers
  28. connect-src-xmlhttprequest-redirect-to-blocked.sub.html
  29. connect-src-xmlhttprequest-redirect-to-blocked.sub.html.sub.headers
  30. default-src-inline-allowed.sub.html
  31. default-src-inline-allowed.sub.html.sub.headers
  32. default-src-inline-blocked.sub.html
  33. default-src-inline-blocked.sub.html.sub.headers
  34. duplicate-directive.sub.html
  35. duplicate-directive.sub.html.sub.headers
  36. eval-allowed.sub.html
  37. eval-allowed.sub.html.sub.headers
  38. eval-blocked-and-sends-report.sub.html
  39. eval-blocked-and-sends-report.sub.html.sub.headers
  40. eval-blocked-in-about-blank-iframe.sub.html
  41. eval-blocked-in-about-blank-iframe.sub.html.sub.headers
  42. eval-blocked.sub.html
  43. eval-blocked.sub.html.sub.headers
  44. eval-scripts-setInterval-allowed.sub.html
  45. eval-scripts-setInterval-allowed.sub.html.sub.headers
  46. eval-scripts-setInterval-blocked.sub.html
  47. eval-scripts-setInterval-blocked.sub.html.sub.headers
  48. eval-scripts-setTimeout-allowed.sub.html
  49. eval-scripts-setTimeout-allowed.sub.html.sub.headers
  50. eval-scripts-setTimeout-blocked.sub.html
  51. eval-scripts-setTimeout-blocked.sub.html.sub.headers
  52. filesystem-urls-do-not-match-self.sub.html
  53. filesystem-urls-do-not-match-self.sub.html.sub.headers
  54. filesystem-urls-match-filesystem.sub.html
  55. filesystem-urls-match-filesystem.sub.html.sub.headers
  56. frame-src-about-blank-allowed-by-default.sub.html
  57. frame-src-about-blank-allowed-by-default.sub.html.sub.headers
  58. frame-src-about-blank-allowed-by-scheme.sub.html
  59. frame-src-about-blank-allowed-by-scheme.sub.html.sub.headers
  60. frame-src-allowed.sub.html
  61. frame-src-allowed.sub.html.sub.headers
  62. frame-src-blocked.sub.html
  63. frame-src-blocked.sub.html.sub.headers
  64. frame-src-cross-origin-load.sub.html
  65. frame-src-cross-origin-load.sub.html.sub.headers
  66. function-constructor-allowed.sub.html
  67. function-constructor-allowed.sub.html.sub.headers
  68. function-constructor-blocked.sub.html
  69. function-constructor-blocked.sub.html.sub.headers
  70. icon-allowed.sub.html
  71. icon-allowed.sub.html.sub.headers
  72. icon-blocked.sub.html
  73. icon-blocked.sub.html.sub.headers
  74. iframe-inside-csp.sub.html
  75. iframe-inside-csp.sub.html.sub.headers
  76. image-allowed.sub.html
  77. image-allowed.sub.html.sub.headers
  78. image-blocked.sub.html
  79. image-blocked.sub.html.sub.headers
  80. image-full-host-wildcard-allowed.sub.html
  81. image-full-host-wildcard-allowed.sub.html.sub.headers
  82. injected-inline-script-allowed.sub.html
  83. injected-inline-script-allowed.sub.html.sub.headers
  84. injected-inline-script-blocked.sub.html
  85. injected-inline-script-blocked.sub.html.sub.headers
  86. injected-inline-style-allowed.sub.html
  87. injected-inline-style-allowed.sub.html.sub.headers
  88. injected-inline-style-blocked.sub.html
  89. injected-inline-style-blocked.sub.html.sub.headers
  90. inline-style-allowed-while-cloning-objects.sub.html
  91. inline-style-allowed-while-cloning-objects.sub.html.sub.headers
  92. inline-style-allowed.sub.html
  93. inline-style-allowed.sub.html.sub.headers
  94. inline-style-attribute-allowed.sub.html
  95. inline-style-attribute-allowed.sub.html.sub.headers
  96. inline-style-attribute-blocked.sub.html
  97. inline-style-attribute-blocked.sub.html.sub.headers
  98. inline-style-attribute-on-html.sub.html
  99. inline-style-attribute-on-html.sub.html.sub.headers
  100. inline-style-blocked.sub.html
  101. inline-style-blocked.sub.html.sub.headers
  102. manifest-src-allowed.sub.html
  103. manifest-src-allowed.sub.html.sub.headers
  104. manifest-src-blocked.sub.html
  105. manifest-src-blocked.sub.html.sub.headers
  106. media-src-allowed.sub.html
  107. media-src-allowed.sub.html.sub.headers
  108. media-src-blocked.sub.html
  109. media-src-blocked.sub.html.sub.headers
  110. media-src-track-block.sub.html
  111. media-src-track-block.sub.html.sub.headers
  112. object-in-svg-foreignobject.sub.html
  113. object-in-svg-foreignobject.sub.html.sub.headers
  114. object-src-applet-archive-codebase.sub.html
  115. object-src-applet-archive-codebase.sub.html.sub.headers
  116. object-src-applet-archive.sub.html
  117. object-src-applet-archive.sub.html.sub.headers
  118. object-src-applet-code-codebase.sub.html
  119. object-src-applet-code-codebase.sub.html.sub.headers
  120. object-src-applet-code.sub.html
  121. object-src-applet-code.sub.html.sub.headers
  122. object-src-no-url-allowed.sub.html
  123. object-src-no-url-allowed.sub.html.sub.headers
  124. object-src-no-url-blocked.sub.html
  125. object-src-no-url-blocked.sub.html.sub.headers
  126. object-src-url-allowed.sub.html
  127. object-src-url-allowed.sub.html.sub.headers
  128. object-src-url-blocked.sub.html
  129. object-src-url-blocked.sub.html.sub.headers
  130. policy-does-not-affect-child.sub.html
  131. policy-does-not-affect-child.sub.html.sub.headers
  132. report-blocked-data-uri.sub.html
  133. report-blocked-data-uri.sub.html.sub.headers
  134. report-cross-origin-no-cookies.sub.html
  135. report-cross-origin-no-cookies.sub.html.sub.headers
  136. report-disallowed-from-meta.sub.html
  137. report-disallowed-from-meta.sub.html.sub.headers
  138. report-same-origin-with-cookies.sub.html
  139. report-same-origin-with-cookies.sub.html.sub.headers
  140. report-uri-from-inline-javascript.sub.html
  141. report-uri-from-inline-javascript.sub.html.sub.headers
  142. report-uri-from-javascript.sub.html
  143. report-uri-from-javascript.sub.html.sub.headers
  144. report-uri.sub.html
  145. report-uri.sub.html.sub.headers
  146. resources/
  147. sandbox-allow-scripts-subframe.sub.html
  148. sandbox-allow-scripts-subframe.sub.html.sub.headers
  149. sandbox-allow-scripts.sub.html
  150. sandbox-allow-scripts.sub.html.sub.headers
  151. sandbox-empty-subframe.sub.html
  152. sandbox-empty-subframe.sub.html.sub.headers
  153. sandbox-empty.sub.html
  154. sandbox-empty.sub.html.sub.headers
  155. script-src-overrides-default-src.sub.html
  156. script-src-overrides-default-src.sub.html.sub.headers
  157. self-doesnt-match-blob.sub.html
  158. self-doesnt-match-blob.sub.html.sub.headers
  159. shared-worker-connect-src-allowed.sub.html
  160. shared-worker-connect-src-allowed.sub.html.sub.headers
  161. shared-worker-connect-src-blocked.sub.html
  162. shared-worker-connect-src-blocked.sub.html.sub.headers
  163. source-list-parsing-paths-03.sub.html
  164. source-list-parsing-paths-03.sub.html.sub.headers
  165. srcdoc-doesnt-bypass-script-src.sub.html
  166. srcdoc-doesnt-bypass-script-src.sub.html.sub.headers
  167. star-doesnt-match-blob.sub.html
  168. star-doesnt-match-blob.sub.html.sub.headers
  169. style-allowed.sub.html
  170. style-allowed.sub.html.sub.headers
  171. style-blocked.sub.html
  172. style-blocked.sub.html.sub.headers
  173. worker-connect-src-allowed.sub.html
  174. worker-connect-src-allowed.sub.html.sub.headers
  175. worker-connect-src-blocked.sub.html
  176. worker-connect-src-blocked.sub.html.sub.headers
  177. worker-eval-blocked.sub.html
  178. worker-eval-blocked.sub.html.sub.headers
  179. worker-from-guid.sub.html
  180. worker-from-guid.sub.html.sub.headers
  181. worker-function-function-blocked.sub.html
  182. worker-function-function-blocked.sub.html.sub.headers
  183. worker-importscripts-blocked.sub.html
  184. worker-importscripts-blocked.sub.html.sub.headers
  185. worker-script-src.sub.html
  186. worker-script-src.sub.html.sub.headers
  187. worker-set-timeout-blocked.sub.html
  188. worker-set-timeout-blocked.sub.html.sub.headers
  189. xsl-blocked-expected.png
  190. xsl-unaffected-by-style-src-1-expected.png