2012-12-17 14:17:39 +00:00
|
|
|
<?php
|
2013-02-07 22:03:04 +00:00
|
|
|
# Support: Firefox
|
2013-01-28 04:34:38 +00:00
|
|
|
header("X-Content-Security-Policy: default-src 'self';");
|
2013-02-07 22:03:04 +00:00
|
|
|
|
|
|
|
|
# Support: Webkit, Safari 5
|
|
|
|
|
# http://stackoverflow.com/questions/13663302/why-does-my-content-security-policy-work-everywhere-but-safari
|
|
|
|
|
header("X-WebKit-CSP: script-src " . $_SERVER["HTTP_HOST"] . " 'self'");
|
|
|
|
|
|
|
|
|
|
header("Content-Security-Policy: default-src 'self'");
|
2012-12-17 14:17:39 +00:00
|
|
|
?>
|
2011-01-18 20:13:09 +00:00
|
|
|
<!DOCTYPE html>
|
|
|
|
|
<html>
|
|
|
|
|
<head>
|
2012-05-18 17:28:50 +00:00
|
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
2011-01-18 20:13:09 +00:00
|
|
|
<title>CSP Test Page</title>
|
2013-01-28 04:34:38 +00:00
|
|
|
<script src="../../jquery.js"></script>
|
|
|
|
|
<script src="csp.js"></script>
|
2011-01-18 20:13:09 +00:00
|
|
|
</head>
|
|
|
|
|
<body>
|
|
|
|
|
<p>CSP Test Page</p>
|
|
|
|
|
</body>
|
|
|
|
|
</html>
|
