Test case: Attachment origin (relative path)

Main page

You can compare results below with results for normal web origin (no Content-Disposition header)

The link below will try to escape limited attachment origin using browser-defined window.open().document.write()