Teach 'LinkRequestBuilder' about the 'nonce' attribute.

third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-enforce-allowed.php

Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-enforce-allowed.php
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-enforce-allowed.php b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-enforce-allowed.php
new file mode 100644
index 0000000000000000000000000000000000000000..e1f91e9f8cece2406297b467cd470722c004ea26
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/nonces/import-enforce-allowed.php
@@ -0,0 +1,24 @@
+<?php
+    header("Content-Security-Policy: script-src 'nonce-abc'");
+?>
+<!doctype html>
+<script nonce="abc" src="/resources/testharness.js"></script>
+<script nonce="abc" src="/resources/testharnessreport.js"></script>
+<script nonce="abc">
+    async_test(t => {
+        document.addEventListener('securitypolicyviolation', t.unreached_func("No report should be generated"));
+        window.onload = t.step_func(_ => {
+            var link = document.createElement('link');
+            link.setAttribute("rel", "import");
+            link.setAttribute("nonce", "abc");
+            link.setAttribute("href", "/security/resources/blank.html");
+
+            link.onerror = t.unreached_func("The import should load.");
+            link.onload = t.step_func_done(_ => {
+              assert_true(!!link.import);
+            });
+
+            document.body.appendChild(link);
+        });
+    }, "Nonced imports load, and do not trigger reports.");
+</script>