def main(request, response):
headers = [(b"Content-Type", b"text/html")]
if b"policy" in request.GET:
headers.append((b"Content-Security-Policy", request.GET[b"policy"]))
if b"policy2" in request.GET:
headers.append((b"Content-Security-Policy", request.GET[b"policy2"]))
if b"policy3" in request.GET:
headers.append((b"Content-Security-Policy", request.GET[b"policy3"]))
message = request.GET[b"id"]
return headers, b'''
<!DOCTYPE html>
<html>
<head>
<title>This page sets given CSP upon itself.</title>
</head>
<body>
<script nonce="abc">
var response = {};
response["id"] = "%s";
response["loaded"] = true;
window.top.postMessage(response, '*');
</script>
</body>
</html>
''' % (message)
Codebase Browser
chromium