CSP: Fire 'securitypolicyviolation' events in Workers.

third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/securitypolicyviolation/inside-shared-worker.html

Index: third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/securitypolicyviolation/inside-shared-worker.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/securitypolicyviolation/inside-shared-worker.html b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/securitypolicyviolation/inside-shared-worker.html
new file mode 100644
index 0000000000000000000000000000000000000000..f00d81f7850f855daba56f45894a9c7d294000fa
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/securitypolicyviolation/inside-shared-worker.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<!--
+  Set a policy in the document to ensure that the block is triggering
+  in the worker and not in the document.
+-->
+<meta http-equiv="content-security-policy" content="connect-src http://127.0.0.1:8000">
+
+<script>
+  var w = new SharedWorker("./resources/inside-worker.php");
+
+  // Forward 'securitypolicyviolation' events from the document into the
+  // worker (we shouldn't actually see any, so the worker will assert that
+  // none are fired.
+  document.addEventListener('securitypolicyviolation', _ => {
+    w.port.postMessage("SecurityPolicyViolation from Document", "*");
+  });
+
+  fetch_tests_from_worker(w);
+</script>
+