Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-default-src.html |
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-default-src.html b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-default-src.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..75db7db5c7309d2f7c554bc34be9b46c3a97c6a9 |
--- /dev/null |
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-default-src.html |
@@ -0,0 +1,18 @@ |
+<!DOCTYPE html> |
+<html> |
+ <head> |
+ <meta http-equiv="Content-Security-Policy" content="default-src 'sha256-qYLfI6En65ykBzcRp14iPwE+5tYvOnoWhLlGH9eVub4='"> |
+ <script> |
+ if (window.testRunner) |
+ testRunner.dumpAsText(); |
+ alert('PASS'); |
Mike West
2015/09/22 04:37:38
Nit: See below.
jww
2015/09/22 16:55:37
Done.
|
+ </script> |
+ </head> |
+ <body> |
+ <p> |
+ This tests that hash values in default-src carry to scripts. It |
+ passes if no console warning is visible, and only PASS messages are |
+ shown. |
+ </p> |
+ </body> |
+</html> |