| Index: LayoutTests/http/tests/htmlimports/csp-import-block-but-nonce-expected.txt
|
| diff --git a/LayoutTests/http/tests/htmlimports/csp-import-block-but-nonce-expected.txt b/LayoutTests/http/tests/htmlimports/csp-import-block-but-nonce-expected.txt
|
| index 88a2023629f32a76c4e5be8be5d376966086566c..f3d13203dc0bf2606f3f1b703416fe93fffc3fee 100644
|
| --- a/LayoutTests/http/tests/htmlimports/csp-import-block-but-nonce-expected.txt
|
| +++ b/LayoutTests/http/tests/htmlimports/csp-import-block-but-nonce-expected.txt
|
| @@ -1,12 +1,21 @@
|
| -PASS document.inlineScriptHasRun is undefined
|
| -PASS document.externalScriptHasRun is undefined
|
| -PASS document.externalScriptWithNonceHasRun is true
|
| -PASS document.inlineScriptWithNonceHasRun is true
|
| -PASS document.evalFromInlineHasRun is undefined
|
| -PASS document.evalFromExternalHasRun is undefined
|
| -FAIL document.evalFromInlineWithNonceHasRun should be undefined (of type undefined). Was true (of type boolean).
|
| -FAIL document.evalFromExternalWithNonceHasRun should be undefined (of type undefined). Was true (of type boolean).
|
| -PASS successfullyParsed is true
|
| -
|
| -TEST COMPLETE
|
| +CONSOLE ERROR: Refused to load the script 'http://localhost:8080/htmlimports/resources/external-script.js' because it violates the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'".
|
| +
|
| +CONSOLE ERROR: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'".
|
| +
|
| +CONSOLE ERROR: line 4: Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'".
|
| +
|
| +CONSOLE ERROR: line 6: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
|
| +
|
| +CONSOLE ERROR: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'".
|
| +
|
| +CONSOLE ERROR: line 13: Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src http://localhost:8000 'nonce-hello'".
|
| +
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
| +CONSOLE MESSAGE: line 12: PASS
|
|
|
|
|
Chromium Code Reviews
Issue 183883004:
Let ContentSecurityPolicy shared between imports and the master. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk