OLD | NEW |
(Empty) | |
| 1 <?php |
| 2 header("Content-Security-Policy: require-sri-for style; script-src 'self' 'u
nsafe-inline'"); |
| 3 ?> |
| 4 <!doctype html> |
| 5 <script src="/resources/testharness.js"></script> |
| 6 <script src="/resources/testharnessreport.js"></script> |
| 7 <link rel="stylesheet" crossorigin integrity="sha384-Cw6CHI8aowrEZ8CNuxMe8l9/M9O
KLimDZ/JOnpOh6k0npxXvago/QAd+e3XeTiZt" href="/security/contentSecurityPolicy/sty
le-set-red.css"> |
| 8 <script> |
| 9 async_test(t => { |
| 10 document.addEventListener('securitypolicyviolation', t.unreached_func("N
o report should be generated")); |
| 11 window.onload = t.step_func_done(_ => { |
| 12 assert_equals(document.styleSheets.length, 1); |
| 13 assert_equals(document.styleSheets[0].href, "http://127.0.0.1:8000/s
ecurity/contentSecurityPolicy/style-set-red.css"); |
| 14 }); |
| 15 }, "Stylesheet with integrity loads, and does not trigger reports."); |
| 16 </script> |
OLD | NEW |