| ALERT: Running test #4 |
| |
| ALERT: Test in main world. |
| CONSOLE ERROR: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png?4' because it violates the following Content Security Policy directive: "img-src 'none'". |
| |
| ALERT: BLOCKED |
| ALERT: Running test #3 |
| |
| ALERT: Test in isolated world without a CSP. |
| CONSOLE ERROR: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png?3' because it violates the following Content Security Policy directive: "img-src 'none'". |
| |
| ALERT: BLOCKED |
| ALERT: Running test #2 |
| |
| ALERT: Test in isolated world with lax CSP |
| ALERT: LOADED |
| ALERT: Running test #1 |
| |
| ALERT: Test in isolated world with restrictive CSP |
| CONSOLE ERROR: Refused to load the image 'http://127.0.0.1:8000/security/resources/abe.png?0' because it violates the following Content Security Policy directive: "img-src 'self'". |
| |
| ALERT: BLOCKED |
| ALERT: Running test #0 |
| |
| This test ensures that img-src checks respect the isolated world CSP when the IsolatedWorldCSP feature is enabled and bypass the main world CSP checks otherwise. |
