Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/mixedContent/strict-mode-image-no-policy.https.html 

<!doctype html>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<body>
<script>
    async_test(t => {
        var i = document.createElement('img');
        i.onerror = t.assert_unreached;
        i.onload = t.step_func_done(_ => {
            assert_equals(128, i.naturalWidth);
            assert_equals(128, i.naturalHeight);
        });
        i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=1";
    }, "Mixed images are allowed in the presence of 'block-all-mixed-content' in report-only mode.");

    async_test(t => {
        var i = document.createElement('img');
        i.onload = t.step_func_done();
        document.addEventListener('securitypolicyviolation', t.assert_unreached);
        i.src = "http://127.0.0.1:8080/security/resources/compass.jpg?t=2";
    }, "Mixed images do not generate CSP violation reports when no policy is present.");
</script>