Index: LayoutTests/http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.html |
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.html b/LayoutTests/http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..68f1f219136eb5ba7caa7996b6b201cc27e0a330 |
--- /dev/null |
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode-and-sends-report.html |
@@ -0,0 +1,16 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+ <meta http-equiv="Content-Security-Policy-Report-Only" content="script-src 'self' 'unsafe-inline'; report-uri resources/save-report.php"> |
+</head> |
+<body> |
+ <script> |
+ try { |
+ eval("alert('PASS: eval() allowed!')"); |
+ } catch (e) { |
+ console.log('FAIL: eval() blocked!'); |
+ } |
+ </script> |
+ <script src="resources/go-to-echo-report.js"></script> |
+</body> |
+</html> |