Content Security Policy (CSP) Violations
Instructions: This page has a Content Security Policy that restricts where resources can be loaded from.
- An inline script on this page will be blocked by the CSP.
- An image from a non-whitelisted domain (`example.com`) will also be blocked.
Validation: Your automation script should open the browser's developer console and assert that CSP violation errors are present.
Blocked Resources
The following image from `example.com` should be blocked by our CSP (`img-src 'self' https://via.placeholder.com`):
A valid image from `via.placeholder.com`: