<html>
<head><title>Page that runs insecure content in an iframe with strict blocking</title></head>
<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
<body>
This page contains an iframe which loads contents over an http connection,
which would cause insecure content when this page is loaded over https, but
mixed content is strictly blocked with CSP.<br>
<iframe src="https://REPLACE_WITH_HOST_AND_PORT/ssl/iframe_with_insecure_content.html"/>
</body>
</html>