2011-04-07 Adam Barth <abarth@webkit.org>
[WebKit-https.git] / LayoutTests / http / tests / security / contentSecurityPolicy / inline-script-allowed.html
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <meta http-equiv="X-WebKit-CSP" content="script-src http://127.0.0.1:*; options disable-xss-protection">
5 <script src="resources/dump-as-text.js"></script>
6 </head>
7 <body onload="alert('PASS 3 of 3')">
8 <script>
9 alert('PASS 1 of 3');
10 </script>
11 <iframe src="javascript:alert('PASS 2 of 3')"></iframe>
12 </body>
13 </html>