<!DOCTYPE html> | |
<html> | |
<head> | |
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'"> | |
<script type="text/javascript"> | |
function sendCSPRequest() | |
{ | |
var script = document.createElement("script"); | |
script.src = "https://www.example.com/csp.js"; | |
document.head.appendChild(script); | |
} | |
function addBlockedScript(url) | |
{ | |
var script = document.createElement("script"); | |
script.src = url; | |
document.head.appendChild(script); | |
} | |
</script> | |
</head> | |
<body> | |
</body> | |
</html> |