Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for-script-allowed.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for-script-allowed.html |
similarity index 60% |
copy from third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script.html |
copy to third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for-script-allowed.html |
index e99c714f1c0ae276844cf124ea4dd0e54e2708f6..80eba8b0b793e32203a3b16183329edf91b2df97 100644 |
--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script.html |
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/require-sri-for-script-allowed.html |
@@ -1,7 +1,7 @@ |
<!DOCTYPE html> |
<html> |
<head> |
- <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'"> |
+ <meta http-equiv="Content-Security-Policy" content="require-sri-for script; script-src 'unsafe-inline' *"> |
Mike West
2016/06/10 09:25:15
Please write this as a `testharness.js` test. See
jww
2016/06/11 22:45:12
Just as an explanation, this is how we used to wri
|
</head> |
<body> |
<div id="result" text="FAIL">PASS</div> |
@@ -11,6 +11,8 @@ |
testRunner.dumpAsText(); |
a=document.createElement('script'); |
a.src='http://localhost:8000/security/contentSecurityPolicy/resources/script.js'; |
+ a.integrity = 'sha384-Y1+YTX5OChgsfjk2LBCdCTBQop+pFV5749SCz1XuuZAQnuIxkBrPe0obXBmjhmoE'; |
+ a.crossorigin='anonymous'; |
document.body.appendChild(a); |
</script> |
</body> |