Apply 'x-content-type-options' check to dynamically inserted script.

LayoutTests/http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html

Index: LayoutTests/http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html
diff --git a/LayoutTests/http/tests/security/contentTypeOptions/nosniff-script-without-content-type-blocked.html b/LayoutTests/http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html
similarity index 64%
copy from LayoutTests/http/tests/security/contentTypeOptions/nosniff-script-without-content-type-blocked.html
copy to LayoutTests/http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html
index 99b385a7c39bc1c3f35687da30125f4e40d1bc50..6d0c62d8e7c1e4cf8369e76e93c00a08b7fa755b 100644
--- a/LayoutTests/http/tests/security/contentTypeOptions/nosniff-script-without-content-type-blocked.html
+++ b/LayoutTests/http/tests/security/contentTypeOptions/nosniff-dynamic-script-blocked.html
@@ -5,14 +5,19 @@
 <body>
     <script src="/js-test-resources/js-test.js"></script>
     <script>
-        description('Check that script sent with an \'X-Content-Type-Options: nosniff\' header is correctly blocked if no \'Content-Type\' header is present.');
+        description('Check that script sent with an \'X-Content-Type-Options: nosniff\' header is correctly blocked if the MIME type isn\'t scripty.');
         window.jsTestIsAsync = true;
+
         window.scriptsSuccessfullyLoaded = 0;
+
+        var s = document.createElement('script');
+        s.src = './resources/script-with-header.pl?mime=application/json';
+        document.querySelector('head').appendChild(s);
+
         window.onload = function () {
             shouldBe('window.scriptsSuccessfullyLoaded', '0');
             finishJSTest();
         };
     </script>
-    <script src="./resources/script-with-header.pl"></script>
 </body>
 </html>