Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(170)

Side by Side Diff: third_party/WebKit/LayoutTests/http/tests/security/isolatedWorld/bypass-main-world-csp-for-inline-style-expected.txt

Issue 1475863005: [Async][WIP] Call FrameLoader::checkCompleted() asynchronously to avoid sync body.onload() Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 CONSOLE MESSAGE: line 58: Injecting in main world: this should fail. 1 CONSOLE MESSAGE: line 58: Injecting in main world: this should fail.
2 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-VW0vOGrZCqH0TKtw5B5uFtLP1DqNIIUce/tDyu/378c='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback. 2 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-VW0vOGrZCqH0TKtw5B5uFtLP1DqNIIUce/tDyu/378c='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback.
3 3
4 CONSOLE MESSAGE: line 31: PASS: Style assignment in test 4 was not blocked by CS P. 4 CONSOLE MESSAGE: line 31: PASS: Style assignment in test 4 was not blocked by CS P.
5 CONSOLE MESSAGE: line 62: Injecting into isolated world without bypass: this sho uld fail. 5 CONSOLE MESSAGE: line 62: Injecting into isolated world without bypass: this sho uld fail.
6 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-mqk0x+ZowQUO8stz3Tm8e/4c044WSEbqlTVrz4jf9ko='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback. 6 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-mqk0x+ZowQUO8stz3Tm8e/4c044WSEbqlTVrz4jf9ko='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback.
7 7
8 CONSOLE MESSAGE: line 19: PASS: Style assignment in test 3 was not blocked by CS P. 8 CONSOLE MESSAGE: line 19: PASS: Style assignment in test 3 was not blocked by CS P.
9 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-ZBTj5RHLnrF+IxdRZM2RuLfjTJQXNSi7fLQHr09onfY='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback. 9 CONSOLE ERROR: line 1: Refused to apply inline style because it violates the fol lowing Content Security Policy directive: "default-src 'none'". Either the 'unsa fe-inline' keyword, a hash ('sha256-ZBTj5RHLnrF+IxdRZM2RuLfjTJQXNSi7fLQHr09onfY= '), or a nonce ('nonce-...') is required to enable inline execution. Note also t hat 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
10 10
11 CONSOLE MESSAGE: line 17: PASS: Style attribute assignment in test 3 was not blo cked by CSP. 11 CONSOLE MESSAGE: line 17: PASS: Style attribute assignment in test 3 was not blo cked by CSP.
12 CONSOLE MESSAGE: line 67: Starting to bypass main world's CSP: this should pass! 12 CONSOLE MESSAGE: line 67: Starting to bypass main world's CSP: this should pass!
13 CONSOLE MESSAGE: line 12: PASS: Style assignment in test 2 was blocked by CSP. 13 CONSOLE MESSAGE: line 12: PASS: Style assignment in test 2 was blocked by CSP.
14 CONSOLE MESSAGE: line 10: PASS: Style attribute assignment in test 2 was blocked by CSP. 14 CONSOLE MESSAGE: line 10: PASS: Style attribute assignment in test 2 was blocked by CSP.
15 CONSOLE MESSAGE: line 73: Injecting into main world again: this should fail. 15 CONSOLE MESSAGE: line 73: Injecting into main world again: this should fail.
16 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-bUBNmssmL79UBWplbQJyN9Hi2tRE9H345W5DVyjdUq4='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback. 16 CONSOLE ERROR: Refused to apply inline style because it violates the following C ontent Security Policy directive: "default-src 'none'". Either the 'unsafe-inlin e' keyword, a hash ('sha256-bUBNmssmL79UBWplbQJyN9Hi2tRE9H345W5DVyjdUq4='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'sty le-src' was not explicitly set, so 'default-src' is used as a fallback.
17 17
18 CONSOLE MESSAGE: line 31: PASS: Style assignment in test 1 was not blocked by CS P. 18 CONSOLE MESSAGE: line 31: PASS: Style assignment in test 1 was not blocked by CS P.
19 This test ensures that style applied in isolated worlds marked with their own Co ntent Security Policy aren't affected by the page's content security policy. Ext ensions, for example, should be able to inject inline CSS (even though it's prob ably a bad idea to do so). 19 This test ensures that style applied in isolated worlds marked with their own Co ntent Security Policy aren't affected by the page's content security policy. Ext ensions, for example, should be able to inject inline CSS (even though it's prob ably a bad idea to do so).
20 20
21 21
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698