LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt - Issue 14949017: Implementation of W3C compliant CSP script-src nonce.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt

Issue 14949017: Implementation of W3C compliant CSP script-src nonce. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Factored script nonce checks to point of resource request creation, plus nits from Adam Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html ('k') | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html » ('j') | Source/core/dom/ScriptElement.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 ALERT: PASS (1/2)	1 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-nonce'".

2 ALERT: PASS (2/2)

3 CONSOLE MESSAGE: line 13: Refused to execute script because it violates the foll owing Content Security Policy directive: "script-nonce noncynonce".

4	2

5 CONSOLE MESSAGE: line 16: Refused to execute script because it violates the foll owing Content Security Policy directive: "script-nonce noncynonce".	3 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-notnonce'".

6	4

7 CONSOLE MESSAGE: line 19: Refused to execute script because it violates the foll owing Content Security Policy directive: "script-nonce noncynonce".	5 Only the first two of these scripts should execute even though there are parse e rrors in the policy.

8	6

9 This tests the effect of a valid script-nonce value. It passes if three console warnings are visible, and the two PASS alerts are executed.	7

	8

	9 --------

	10 Frame: '<!--framePath //<!--frame0-->-->'

	11 --------

	12 PASS

	13

	14 --------

	15 Frame: '<!--framePath //<!--frame1-->-->'

	16 --------

	17 PASS

	18

	19 --------

	20 Frame: '<!--framePath //<!--frame2-->-->'

	21 --------

	22 PASS

	23

	24 --------

	25 Frame: '<!--framePath //<!--frame3-->-->'

	26 --------

	27 PASS

OLD	NEW