| OLD | NEW |
|---|
| 1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
| 2 <html> | 2 <html> |
| 3 <head> | 3 <head> |
| 4 <script> |
| 5 if (window.internals) |
| 6 internals.settings.setExperimentalContentSecurityPolicyFeaturesEnabl
ed(false); |
| 7 </script> |
| 4 <meta http-equiv="Content-Security-Policy-Report-Only" content="script-src '
self' 'unsafe-inline'; report-uri resources/save-report.php?test=eval-allowed-in
-report-only-mode-and-sends-report.html"> | 8 <meta http-equiv="Content-Security-Policy-Report-Only" content="script-src '
self' 'unsafe-inline'; report-uri resources/save-report.php?test=eval-allowed-in
-report-only-mode-and-sends-report.html"> |
| 5 </head> | 9 </head> |
| 6 <body> | 10 <body> |
| 7 <script> | 11 <script> |
| 8 try { | 12 try { |
| 9 eval("alert('PASS: eval() allowed!')"); | 13 eval("alert('PASS: eval() allowed!')"); |
| 10 } catch (e) { | 14 } catch (e) { |
| 11 console.log('FAIL: eval() blocked!'); | 15 console.log('FAIL: eval() blocked!'); |
| 12 } | 16 } |
| 13 </script> | 17 </script> |
| 14 <script src="resources/go-to-echo-report.js"></script> | 18 <script src="resources/go-to-echo-report.js"></script> |
| 15 </body> | 19 </body> |
| 16 </html> | 20 </html> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 131103003:
CSP: Add a mechanism to disable CSP 1.1 for layout tests. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk