bennadel/test.cfm

## test.cfm
<cfscript>

	frapi = createObject( "java", "com.intergral.fusionreactor.api.FRAPI" )
		.getInstance()
	;

	csp = application.contentSecurityPolicy.getCspConfig();

	// Set the strict Content-Security-Policy.
	cfheader( attributeCollection = csp.header );
	cfheader( attributeCollection = csp.reportToHeader );

</cfscript>
<cfoutput>

	<!doctype html>
	<html lang="en">
	<body>

		<h1>
			FusionReactor - User Experience Monitoring (UEM)
		</h1>

		<script type="text/javascript">
			#frapi.getUemTrackingScript()#
		</script>

	</body>
	</html>

</cfoutput>

## test2-fr.html
<script type="text/javascript" nonce>
	var anUrl = "/fusionreactor/UEM.cfm?db=0&wr=11&s=8B92BB6DBB4B1FFF4ED56B4CF4A2F0B7&t=927808";
	document.write(unescape("%3Cscript src='/fusionreactor/UEMJS.cfm' type='text/javascript'%3E%3C/script%3E"));
</script>
<script src="/fusionreactor/UEMJS.cfm" type="text/javascript"></script>

## test2.cfm
<cfscript>

	frapi = createObject( "java", "com.intergral.fusionreactor.api.FRAPI" )
		.getInstance()
	;

	csp = application.contentSecurityPolicy.getCspConfig();

	// Set the strict Content-Security-Policy.
	cfheader( attributeCollection = csp.header );
	cfheader( attributeCollection = csp.reportToHeader );

</cfscript>
<cfoutput>

	<!doctype html>
	<html lang="en">
	<body>

		<h1>
			FusionReactor - User Experience Monitoring (UEM)
		</h1>

		<script type="text/javascript" nonce="#encodeForHtmlAttribute( csp.nonce )#">
			#frapi.getUemTrackingScript()#
		</script>

	</body>
	</html>

</cfoutput>

## test3.cfm
<cfscript>

	frapi = createObject( "java", "com.intergral.fusionreactor.api.FRAPI" )
		.getInstance()
	;
	// Generate the UEM output; but, instead of writing the output to the page, I'm going
	// to capture the content and extract the two `/fusionreactor/` URLs. These will be
	// explicitly written the page down below.
	uemScriptUrls = frapi.getUemTrackingScript()
		.reMatchNoCase( "/fusionreactor/[^'""]+" )
	;

	csp = application.contentSecurityPolicy.getCspConfig();

	// Set the strict Content-Security-Policy.
	cfheader( attributeCollection = csp.header );
	cfheader( attributeCollection = csp.reportToHeader );

</cfscript>
<cfoutput>

	<!doctype html>
	<html lang="en">
	<body>

		<h1>
			FusionReactor - User Experience Monitoring (UEM)
		</h1>

		<script type="text/javascript" nonce="#encodeForHtmlAttribute( csp.nonce )#">
			var anUrl = "#encodeForJavaScript( uemScriptUrls[ 1 ] )#";
		</script>
		<script
			type="text/javascript"
			src="#uemScriptUrls[ 2 ]#"
			nonce="#encodeForHtmlAttribute( csp.nonce )#">
		</script>

	</body>
	</html>

</cfoutput>
	<cfscript>

	frapi = createObject( "java", "com.intergral.fusionreactor.api.FRAPI" )
	.getInstance()
	;

	csp = application.contentSecurityPolicy.getCspConfig();

	// Set the strict Content-Security-Policy.
	cfheader( attributeCollection = csp.header );
	cfheader( attributeCollection = csp.reportToHeader );

	</cfscript>
	<cfoutput>

	<!doctype html>
	<html lang="en">
	<body>

	<h1>
	FusionReactor - User Experience Monitoring (UEM)
	</h1>

	<script type="text/javascript">
	#frapi.getUemTrackingScript()#
	</script>

	</body>
	</html>

	</cfoutput>
	<script type="text/javascript" nonce>
	var anUrl = "/fusionreactor/UEM.cfm?db=0&wr=11&s=8B92BB6DBB4B1FFF4ED56B4CF4A2F0B7&t=927808";
	document.write(unescape("%3Cscript src='/fusionreactor/UEMJS.cfm' type='text/javascript'%3E%3C/script%3E"));
	</script>
	<script src="/fusionreactor/UEMJS.cfm" type="text/javascript"></script>