Quellcodebibliothek Statistik Leitseite products/Sources/formale Sprachen/C/Firefox/dom/security/test/csp/   (Firefox Browser Version 136.0.1©)  Datei vom 10.2.2025 mit Größe 3 kB image not shown  

Quelle  file_upgrade_insecure_meta.html

  Sprache: HTML
 

 products/Sources/formale Sprachen/C/Firefox/dom/security/test/csp/file_upgrade_insecure_meta.html


<!DOCTYPE HTML>
<html>
<head>
  <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests; default-src https: wss: 'unsafe-inline'; form-action https:;">
  <meta charset="utf-8">
  <title>Bug 1139297 - Implement CSP upgrade-insecure-requests directive</title>
  <!-- style -->
  <link rel='stylesheet' type='text/css' href='http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?style' media='screen' />

  <!-- font -->
  <style>
    @font-face {
      font-family: "foofont";
      src: url('http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?font');
    }
    .div_foo { font-family: "foofont"; }
  </style>
</head>
<body>

  <!-- images: -->
  <img src="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?img"></img>

  <!-- redirects: upgrade http:// to https:// redirect to http:// and then upgrade to https:// again -->
  <img src="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?redirect-image"></img>

  <!-- script: -->
  <script src="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?script"></script>

  <!-- media: -->
  <audio src="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?media"></audio>

  <!-- objects: -->
  <object width="10" height="10" data="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?object"></object>

  <!-- font: (apply font loaded in header to div) -->
  <div class="div_foo">foo</div>

  <!-- iframe: (same origin) -->
  <iframe src="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?iframe">
    <!-- within that iframe we load an image over http and make sure the requested gets upgraded to https -->
  </iframe>

  <!-- xhr: -->
  <script type="application/javascript">
    var myXHR = new XMLHttpRequest();
    myXHR.open("GET""http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?xhr");
    myXHR.send(null);
  </script>

  <!-- websockets: upgrade ws:// to wss://-->
  <script type="application/javascript">
    // WebSocket tests are not supported on Android Yet. Bug 1566168.
    const { AppConstants } = SpecialPowers.ChromeUtils.importESModule(
      "resource://gre/modules/AppConstants.sys.mjs"
    );
    if (AppConstants.platform !== "android") {
      var mySocket = new WebSocket("ws://example.com/tests/dom/security/test/csp/file_upgrade_insecure");
      mySocket.onopen = function(e) {
        if (mySocket.url.includes("wss://")) {
          window.parent.postMessage({result: "websocket-ok"}, "*");
        }
        else {
          window.parent.postMessage({result: "websocket-error"}, "*");
        }
        mySocket.close();
      };
      mySocket.onerror = function(e) {
        window.parent.postMessage({result: "websocket-unexpected-error"}, "*");
      };
    }
  </script>

  <!-- form action: (upgrade POST from http:// to https://) -->
  <iframe name='formFrame' id='formFrame'></iframe>
  <form target="formFrame" action="http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_server.sjs?form" method="POST">
    <input name="foo" value="foo">
    <input type="submit" id="submitButton" formenctype='multipart/form-data' value="Submit form">
  </form>
  <script type="text/javascript">
    var submitButton = document.getElementById('submitButton');
    submitButton.click();
  </script>

</body>
</html>

Messung V0.5 in Prozent
C=85 H=100 G=92

¤ Dauer der Verarbeitung: 0.1 Sekunden  (vorverarbeitet am  2026-06-05) ¤

*© Formatika GbR, Deutschland






Wurzel

Suchen

PVS Prover

Isabelle Prover

NIST Cobol Testsuite

Cephes Mathematical Library

Vienna Development Method

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.

Bemerkung:

Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.