When this page is loaded over HTTP (i.e. via embedded_test_server() from a browser test), then it should be denied access to local resources, like the file: URI from the img tag below. This test verifies that access to the file: URI will also be forbidden when saving all resources of the page during Save-Page-As-Complete-HTML.