2011-04-07 Adam Barth <abarth@webkit.org>
[WebKit-https.git] / LayoutTests / http / tests / security / contentSecurityPolicy / inline-script-blocked-goofy.html
1 <!DOCTYPE html>
2 <html>
3 <head>
4 <meta http-equiv="X-WebKit-CSP" content="script-src http://127.0.0.1:*; options goofy">
5 <script src="resources/dump-as-text.js"></script>
6 </head>
7 <body onload="alert('FAIL 3 of 3')">
8 This test passes if it doesn't alert fail.
9 <script>
10 alert('FAIL 1 of 3');
11 </script>
12 <iframe src="javascript:alert('FAIL 2 of 3')"></iframe>
13 </body>
14 </html>