CSP 1.1: Ignore 'unsafe-inline' in presence of hashes or nonces.

LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-ignore-unsafeinline.html

Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-ignore-unsafeinline.html
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed.html b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-ignore-unsafeinline.html
similarity index 65%
copy from LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed.html
copy to LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-ignore-unsafeinline.html
index d038e4c2c823325a8c5e9cc4bb7d29dce6e75fe7..188df57f75cd6117d9f5d004904a9f0203252485 100644
--- a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed.html
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-ignore-unsafeinline.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
     <head>
-        <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-noncynonce' 'nonce-noncy+/=nonce'">
+        <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-noncynonce' 'nonce-noncy+/=nonce' 'unsafe-inline'">
         <script nonce="noncynonce">
         if (window.testRunner)
             testRunner.dumpAsText();
@@ -12,11 +12,13 @@
         <script nonce="noncy+/=nonce">
             alert('PASS (2/2)');
         </script>
+        <script>
+            alert('FAIL (1/1)');
+        </script>
     </head>
     <body>
         <p>
-            This tests the effect of a valid script-nonce value. It passes if
-            no console warning is visible and the alerts are executed.
+            This tests that a valid nonce disables inline JavaScript, even if 'unsafe-inline' is present.
         </p>
     </body>
 </html>