Sign in
cobalt
/
cobalt
/
d2bc3b69d823bbaf46d1c4355b23486a85a6d791
/
.
/
third_party
/
web_platform_tests
/
content-security-policy
/
blink-contrib
tree: a305ac256589abe2ee5f9265aed519eb2545f214 [
path history
]
[
tgz
]
resources/
blob-urls-do-not-match-self.sub.html
blob-urls-do-not-match-self.sub.html.sub.headers
blob-urls-match-blob.sub.html
blob-urls-match-blob.sub.html.sub.headers
combine-header-and-meta-policies.sub.html
combine-header-and-meta-policies.sub.html.sub.headers
combine-multiple-header-policies.html.asis
connect-src-beacon-allowed.sub.html
connect-src-beacon-allowed.sub.html.sub.headers
connect-src-beacon-blocked.sub.html
connect-src-beacon-blocked.sub.html.sub.headers
connect-src-beacon-redirect-to-blocked.sub.html
connect-src-beacon-redirect-to-blocked.sub.html.sub.headers
connect-src-eventsource-allowed.sub.html
connect-src-eventsource-allowed.sub.html.sub.headers
connect-src-eventsource-blocked.sub.html
connect-src-eventsource-blocked.sub.html.sub.headers
connect-src-eventsource-redirect-to-blocked.sub.html
connect-src-eventsource-redirect-to-blocked.sub.html.sub.headers
connect-src-websocket-allowed.sub.html
connect-src-websocket-allowed.sub.html.sub.headers
connect-src-websocket-blocked.sub.html
connect-src-websocket-blocked.sub.html.sub.headers
connect-src-xmlhttprequest-allowed.sub.html
connect-src-xmlhttprequest-allowed.sub.html.sub.headers
connect-src-xmlhttprequest-blocked.sub.html
connect-src-xmlhttprequest-blocked.sub.html.sub.headers
connect-src-xmlhttprequest-redirect-to-blocked.sub.html
connect-src-xmlhttprequest-redirect-to-blocked.sub.html.sub.headers
default-src-inline-allowed.sub.html
default-src-inline-allowed.sub.html.sub.headers
default-src-inline-blocked.sub.html
default-src-inline-blocked.sub.html.sub.headers
duplicate-directive.sub.html
duplicate-directive.sub.html.sub.headers
eval-allowed.sub.html
eval-allowed.sub.html.sub.headers
eval-blocked-and-sends-report.sub.html
eval-blocked-and-sends-report.sub.html.sub.headers
eval-blocked-in-about-blank-iframe.sub.html
eval-blocked-in-about-blank-iframe.sub.html.sub.headers
eval-blocked.sub.html
eval-blocked.sub.html.sub.headers
eval-scripts-setInterval-allowed.sub.html
eval-scripts-setInterval-allowed.sub.html.sub.headers
eval-scripts-setInterval-blocked.sub.html
eval-scripts-setInterval-blocked.sub.html.sub.headers
eval-scripts-setTimeout-allowed.sub.html
eval-scripts-setTimeout-allowed.sub.html.sub.headers
eval-scripts-setTimeout-blocked.sub.html
eval-scripts-setTimeout-blocked.sub.html.sub.headers
filesystem-urls-do-not-match-self.sub.html
filesystem-urls-do-not-match-self.sub.html.sub.headers
filesystem-urls-match-filesystem.sub.html
filesystem-urls-match-filesystem.sub.html.sub.headers
frame-src-about-blank-allowed-by-default.sub.html
frame-src-about-blank-allowed-by-default.sub.html.sub.headers
frame-src-about-blank-allowed-by-scheme.sub.html
frame-src-about-blank-allowed-by-scheme.sub.html.sub.headers
frame-src-allowed.sub.html
frame-src-allowed.sub.html.sub.headers
frame-src-blocked.sub.html
frame-src-blocked.sub.html.sub.headers
frame-src-cross-origin-load.sub.html
frame-src-cross-origin-load.sub.html.sub.headers
function-constructor-allowed.sub.html
function-constructor-allowed.sub.html.sub.headers
function-constructor-blocked.sub.html
function-constructor-blocked.sub.html.sub.headers
icon-allowed.sub.html
icon-allowed.sub.html.sub.headers
icon-blocked.sub.html
icon-blocked.sub.html.sub.headers
iframe-inside-csp.sub.html
iframe-inside-csp.sub.html.sub.headers
image-allowed.sub.html
image-allowed.sub.html.sub.headers
image-blocked.sub.html
image-blocked.sub.html.sub.headers
image-full-host-wildcard-allowed.sub.html
image-full-host-wildcard-allowed.sub.html.sub.headers
injected-inline-script-allowed.sub.html
injected-inline-script-allowed.sub.html.sub.headers
injected-inline-script-blocked.sub.html
injected-inline-script-blocked.sub.html.sub.headers
injected-inline-style-allowed.sub.html
injected-inline-style-allowed.sub.html.sub.headers
injected-inline-style-blocked.sub.html
injected-inline-style-blocked.sub.html.sub.headers
inline-style-allowed-while-cloning-objects.sub.html
inline-style-allowed-while-cloning-objects.sub.html.sub.headers
inline-style-allowed.sub.html
inline-style-allowed.sub.html.sub.headers
inline-style-attribute-allowed.sub.html
inline-style-attribute-allowed.sub.html.sub.headers
inline-style-attribute-blocked.sub.html
inline-style-attribute-blocked.sub.html.sub.headers
inline-style-attribute-on-html.sub.html
inline-style-attribute-on-html.sub.html.sub.headers
inline-style-blocked.sub.html
inline-style-blocked.sub.html.sub.headers
manifest-src-allowed.sub.html
manifest-src-allowed.sub.html.sub.headers
manifest-src-blocked.sub.html
manifest-src-blocked.sub.html.sub.headers
media-src-allowed.sub.html
media-src-allowed.sub.html.sub.headers
media-src-blocked.sub.html
media-src-blocked.sub.html.sub.headers
media-src-track-block.sub.html
media-src-track-block.sub.html.sub.headers
object-in-svg-foreignobject.sub.html
object-in-svg-foreignobject.sub.html.sub.headers
object-src-applet-archive-codebase.sub.html
object-src-applet-archive-codebase.sub.html.sub.headers
object-src-applet-archive.sub.html
object-src-applet-archive.sub.html.sub.headers
object-src-applet-code-codebase.sub.html
object-src-applet-code-codebase.sub.html.sub.headers
object-src-applet-code.sub.html
object-src-applet-code.sub.html.sub.headers
object-src-no-url-allowed.sub.html
object-src-no-url-allowed.sub.html.sub.headers
object-src-no-url-blocked.sub.html
object-src-no-url-blocked.sub.html.sub.headers
object-src-url-allowed.sub.html
object-src-url-allowed.sub.html.sub.headers
object-src-url-blocked.sub.html
object-src-url-blocked.sub.html.sub.headers
policy-does-not-affect-child.sub.html
policy-does-not-affect-child.sub.html.sub.headers
report-blocked-data-uri.sub.html
report-blocked-data-uri.sub.html.sub.headers
report-cross-origin-no-cookies.sub.html
report-cross-origin-no-cookies.sub.html.sub.headers
report-disallowed-from-meta.sub.html
report-disallowed-from-meta.sub.html.sub.headers
report-same-origin-with-cookies.sub.html
report-same-origin-with-cookies.sub.html.sub.headers
report-uri-from-inline-javascript.sub.html
report-uri-from-inline-javascript.sub.html.sub.headers
report-uri-from-javascript.sub.html
report-uri-from-javascript.sub.html.sub.headers
report-uri.sub.html
report-uri.sub.html.sub.headers
sandbox-allow-scripts-subframe.sub.html
sandbox-allow-scripts-subframe.sub.html.sub.headers
sandbox-allow-scripts.sub.html
sandbox-allow-scripts.sub.html.sub.headers
sandbox-empty-subframe.sub.html
sandbox-empty-subframe.sub.html.sub.headers
sandbox-empty.sub.html
sandbox-empty.sub.html.sub.headers
script-src-overrides-default-src.sub.html
script-src-overrides-default-src.sub.html.sub.headers
self-doesnt-match-blob.sub.html
self-doesnt-match-blob.sub.html.sub.headers
shared-worker-connect-src-allowed.sub.html
shared-worker-connect-src-allowed.sub.html.sub.headers
shared-worker-connect-src-blocked.sub.html
shared-worker-connect-src-blocked.sub.html.sub.headers
source-list-parsing-paths-03.sub.html
source-list-parsing-paths-03.sub.html.sub.headers
srcdoc-doesnt-bypass-script-src.sub.html
srcdoc-doesnt-bypass-script-src.sub.html.sub.headers
star-doesnt-match-blob.sub.html
star-doesnt-match-blob.sub.html.sub.headers
style-allowed.sub.html
style-allowed.sub.html.sub.headers
style-blocked.sub.html
style-blocked.sub.html.sub.headers
worker-connect-src-allowed.sub.html
worker-connect-src-allowed.sub.html.sub.headers
worker-connect-src-blocked.sub.html
worker-connect-src-blocked.sub.html.sub.headers
worker-eval-blocked.sub.html
worker-eval-blocked.sub.html.sub.headers
worker-from-guid.sub.html
worker-from-guid.sub.html.sub.headers
worker-function-function-blocked.sub.html
worker-function-function-blocked.sub.html.sub.headers
worker-importscripts-blocked.sub.html
worker-importscripts-blocked.sub.html.sub.headers
worker-script-src.sub.html
worker-script-src.sub.html.sub.headers
worker-set-timeout-blocked.sub.html
worker-set-timeout-blocked.sub.html.sub.headers
xsl-blocked-expected.png
xsl-unaffected-by-style-src-1-expected.png