| <!DOCTYPE html> |
| <html> |
| <head> |
| <title>Dynamically apply sandbox and include HTTPS iframe</title> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script src="/resources/get-host-info.js"></script> |
| </head> |
| <body> |
| </body> |
| <script> |
| window.addEventListener("message", function (e) { |
| var meta = document.createElement("meta"); |
| meta.httpEquiv = "Content-Security-Policy"; |
| meta.content = "sandbox allow-scripts"; |
| document.head.appendChild(meta); |
| e.source.postMessage("go", "*"); |
| }); |
| |
| var i = document.createElement("iframe"); |
| i.src = get_host_info().HTTPS_REMOTE_ORIGIN + "/security/secureContexts/resources/post-securecontext-status-on-msg.html" |
| document.body.appendChild(i); |
| </script> |
| </html> |