| multiple-report-policies.html |
When multiple report-uri endpoints for multiple policies are specified, each gets a report |
1140 |
|
|
707 |
| post-redirect-stacktrace.https.html |
Check for post-redirect leak from StackTrace. |
3823 |
|
|
74 |
| report-and-enforce.html |
Reporting and enforcing policies can be different |
1531 |
|
|
498 |
| report-blocked-data-uri.html |
Data-uri images are reported correctly |
590 |
|
|
355 |
| report-blocked-uri-cross-origin.sub.html |
Cross-origin images are reported correctly |
702 |
|
|
469 |
| report-blocked-uri.html |
Blocked relative images are reported correctly |
649 |
|
|
456 |
| report-clips-sample.https.html |
|
1726 |
| report-cross-origin-no-cookies.sub.html |
Cookies are not sent on cross origin violation reports |
1463 |
|
|
440 |
| report-frame-ancestors-with-x-frame-options.sub.html |
Reporting works with report-only frame-ancestors even if frame is blocked by X-Frame-Options |
554 |
| report-frame-ancestors.sub.html |
Reporting works with frame-ancestors |
463 |
| report-multiple-violations-01.html |
Test multiple violations cause multiple reports |
660 |
|
|
408 |
| report-multiple-violations-02.html |
This tests that multiple violations on a page trigger multiple reports
if and only if the violations are distinct. |
819 |
|
|
392 |
| report-only-cross-origin-frame.sub.html |
Cross origin iframes have their URI censored |
1673 |
|
|
470 |
| report-only-in-meta.sub.html |
Report-only policy not allowed in meta tag |
1880 |
|
|
214 |
| report-only-unsafe-eval.html |
|
1267 |
|
|
304 |
| report-original-url-on-mixed-content-frame.https.sub.html |
|
687 |
|
|
383 |
| report-original-url.sub.html |
|
2423 |
|
|
439 |
| report-preload-and-consume.https.html |
Test that reports are sent with credentials to same-origin endpoints |
1008 |
| report-same-origin-with-cookies.html |
Cookies are sent on same origin violation reports |
1745 |
|
|
398 |
| report-strips-fragment.html |
|
738 |
| report-uri-effective-directive.html |
Violation report is sent if violation occurs. |
643 |
|
|
366 |
| report-uri-from-child-frame.html |
Reporting works in child iframes. |
828 |
| report-uri-from-inline-javascript.html |
Violation report is sent from inline javascript. |
748 |
|
|
365 |
| report-uri-from-javascript.html |
Violation report is sent from javascript resource. |
584 |
|
|
358 |
| report-uri-multiple-reversed.html |
Content-Security-Policy-Report-Only violation report is sent even when resource is blocked by actual policy. |
692 |
|
|
416 |
| report-uri-multiple.html |
Content-Security-Policy-Report-Only violation report is sent even when resource is blocked by actual policy. |
689 |
|
|
407 |
| report-uri-scheme-relative.html |
Relative scheme URIs are accepted as the report-uri. |
655 |
|
|
381 |
| support |
|
|