On 26/10/09 08:46, Nilesh Kumar wrote:
"Grab a preview build of Minefield
Download a copy of the latest trunk builds of Firefox which have CSP support. The text you quote should have provided a link.
and load this page to see how CSP works. For each individual test, a CSP-supporting browser will display PASS while a non-supporting browser will display FAIL. Each test also contains a comment showing the CSP header that was sent."
The test page contains a load of tests. If they say PASS, CSP is working. If they say FAIL, it's not.
Can you tell me how to really test these things?
Is your question really "how do I learn about the CSP syntax, add CSP to my own pages, and test whether it's working"?
Gerv _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security