gecko-dev/testing/web-platform/tests/content-security-policy/frame-ancestors/frame-ancestors-self-block.html

<!DOCTYPE html>
<html>
<head>
    <script src="/resources/testharness.js"></script>
    <script src="/resources/testharnessreport.js"></script>
    <script src="support/frame-ancestors-test.sub.js"></script>
</head>
<body>
    <script>
        test = async_test("A 'frame-ancestors' CSP directive with a value 'self' should block rendering.");

        crossOriginFrameShouldBeBlocked("'self'");
    </script>
</body>
</html>