| Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/multiple-policies-with-nonce.php
|
| diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/multiple-policies-with-nonce.php b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/multiple-policies-with-nonce.php
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..cae08214aa0ca39a58ebeec35f03f41e56065cc3
|
| --- /dev/null
|
| +++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/multiple-policies-with-nonce.php
|
| @@ -0,0 +1,15 @@
|
| +<?php
|
| +header("Content-Security-Policy: script-src 'nonce-abcd1234'");
|
| +header("Content-Security-Policy-Report-Only: script-src 'self'");
|
| +?>
|
| +<!DOCTYPE html>
|
| +<script src="/resources/testharness.js" nonce="abcd1234"></script>
|
| +<script src="/resources/testharnessreport.js" nonce="abcd1234"></script>
|
| +<script>
|
| + assert_unreached("This script block has no nonce, and should not execute.");
|
| +</script>
|
| +<script nonce="abcd1234">
|
| + test(_ => {
|
| + assert_true(true);
|
| + }, "This script block has a matching nonce, and should execute.");
|
| +</script>
|
|
|
Chromium Code Reviews
Issue 1980533002:
CSP: Fix handling of nonces in report-only mode. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master