LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt - Issue 137233005: CSP: Improve blocked inline script error message.

Unified Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt

Issue 137233005: CSP: Improve blocked inline script error message. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Yay. Created 6 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/report-uri-effective-directive-expected.txt ('k') | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-and-scripthash-expected.txt » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt

diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt

index 5ca56b1aa912a81424896282368975ac1d4b097e..e1e93f8408184abe20301788d09f2adca39e415c 100644

--- a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt

+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scripthash-basic-blocked-expected.txt

@@ -1,10 +1,10 @@

ALERT: PASS (1/1)

-CONSOLE ERROR: line 10: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='".

+CONSOLE ERROR: line 10: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

-CONSOLE ERROR: line 13: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='".

+CONSOLE ERROR: line 13: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

-CONSOLE ERROR: line 15: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='".

+CONSOLE ERROR: line 15: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

-CONSOLE ERROR: line 16: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='".

+CONSOLE ERROR: line 16: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo='". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

This tests the effect of a valid script-hash value, with one valid script and several invalid ones. It passes if one alert is executed and four console warings are visible.