OLD | NEW |
1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
2 <html> | 2 <html> |
3 <head> | 3 <head> |
4 <meta http-equiv="Content-Security-Policy" content="script-nonce noncyno
nce;"> | 4 <script src='../resources/multiple-iframe-test.js'></script> |
5 <script nonce="noncynonce"> | 5 <script> |
6 if (window.testRunner) | 6 var tests = [ |
7 testRunner.dumpAsText(); | 7 ['yes', 'script-src 127.0.0.1:8000', 'resources/script.js', 'nonce'], |
8 alert('PASS (1/2)'); | 8 ['yes', 'script-src 127.0.0.1:8000 \'nonce-nonce\'', 'resources/script.js',
'nonce'], |
9 </script> | 9 ['no', 'script-src \'nonce-nonce\'', 'resources/script.js', 'notnonce'], |
10 <script nonce=" noncynonce "> | 10 ['no', 'script-src \'nonce-notnonce\'', 'resources/script.js', 'nonce'], |
11 alert('PASS (2/2)'); | 11 ]; |
12 </script> | 12 </script> |
13 <script nonce="noncynonce noncynonce"> | 13 </head> |
14 alert('FAIL (1/3)'); | 14 <body onload="testExperimentalPolicy()"> |
15 </script> | 15 <p> |
16 <script> | 16 Only the first two of these scripts should execute even though there are par
se errors in the policy. |
17 alert('FAIL (2/3)'); | 17 </p> |
18 </script> | |
19 <script nonce="noncynonceno?"> | |
20 alert('FAIL (3/3)'); | |
21 </script> | |
22 </head> | |
23 <body> | |
24 <p> | |
25 This tests the effect of a valid script-nonce value. It passes if | |
26 three console warnings are visible, and the two PASS alerts are | |
27 executed. | |
28 </p> | |
29 </body> | |
30 </html> | |
OLD | NEW |