Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html |
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html |
index 43dab4afedc91072fa828cfcf63791e981a0060b..fbc3cc14e3daabf8ac90801fc9aae55a6f265100 100644 |
--- a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html |
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html |
@@ -1,30 +1,17 @@ |
<!DOCTYPE html> |
<html> |
- <head> |
- <meta http-equiv="Content-Security-Policy" content="script-nonce noncynonce;"> |
- <script nonce="noncynonce"> |
- if (window.testRunner) |
- testRunner.dumpAsText(); |
- alert('PASS (1/2)'); |
- </script> |
- <script nonce=" noncynonce "> |
- alert('PASS (2/2)'); |
- </script> |
- <script nonce="noncynonce noncynonce"> |
- alert('FAIL (1/3)'); |
- </script> |
- <script> |
- alert('FAIL (2/3)'); |
- </script> |
- <script nonce="noncynonceno?"> |
- alert('FAIL (3/3)'); |
- </script> |
- </head> |
- <body> |
- <p> |
- This tests the effect of a valid script-nonce value. It passes if |
- three console warnings are visible, and the two PASS alerts are |
- executed. |
- </p> |
- </body> |
-</html> |
+<head> |
+<script src='../resources/multiple-iframe-test.js'></script> |
+<script> |
+var tests = [ |
+ ['yes', 'script-src 127.0.0.1:8000', 'resources/script.js', 'nonce'], |
+ ['yes', 'script-src 127.0.0.1:8000 \'nonce-nonce\'', 'resources/script.js', 'nonce'], |
+ ['no', 'script-src \'nonce-nonce\'', 'resources/script.js', 'notnonce'], |
+ ['no', 'script-src \'nonce-notnonce\'', 'resources/script.js', 'nonce'], |
+]; |
+</script> |
+</head> |
+<body onload="testExperimentalPolicy()"> |
+ <p> |
+ Only the first two of these scripts should execute even though there are parse errors in the policy. |
+ </p> |