OLD | NEW |
(Empty) | |
| 1 <!DOCTYPE html> |
| 2 <html> |
| 3 |
| 4 <head> |
| 5 <!-- Programmatically converted from a WebKit Reftest, please forgive result
ing idiosyncracies.--> |
| 6 <title>scripthash-ignore-unsafeinline</title> |
| 7 <script src="/resources/testharness.js"></script> |
| 8 <script src="/resources/testharnessreport.js"></script> |
| 9 <script src="../support/logTest.sub.js?logs=[]"></script> |
| 10 <script> |
| 11 var t_alert = async_test('Expecting alerts: ["PASS (1/1)"]'); |
| 12 var expected_alerts = ["PASS (1/1)"]; |
| 13 |
| 14 function alert_assert(msg) { |
| 15 t_alert.step(function() { |
| 16 if (msg.match(/^FAIL/i)) { |
| 17 assert_unreached(msg); |
| 18 t_alert.done(); |
| 19 } |
| 20 for (var i = 0; i < expected_alerts.length; i++) { |
| 21 if (expected_alerts[i] == msg) { |
| 22 assert_true(expected_alerts[i] == msg); |
| 23 expected_alerts.splice(i, 1); |
| 24 if (expected_alerts.length == 0) { |
| 25 t_alert.done(); |
| 26 } |
| 27 return; |
| 28 } |
| 29 } |
| 30 assert_unreached('unexpected alert: ' + msg); |
| 31 t_log.done(); |
| 32 }); |
| 33 } |
| 34 |
| 35 </script> |
| 36 <!-- enforcing policy: |
| 37 script-src 'self' 'unsafe-inline' 'sha1-Au4uYFbkf7OYd+ACMnKq96FN3qo=' 'unsafe-in
line'; connect-src 'self'; |
| 38 --> |
| 39 <script> |
| 40 alert_assert('PASS (1/1)'); |
| 41 |
| 42 </script> |
| 43 <script> |
| 44 alert_assert('FAIL (1/1)'); |
| 45 |
| 46 </script> |
| 47 </head> |
| 48 |
| 49 <body> |
| 50 <p> |
| 51 This tests that a valid hash value disables inline JavaScript, even if &
apos;unsafe-inline' is present. |
| 52 </p> |
| 53 <div id="log"></div> |
| 54 <script async defer src="../support/checkReport.sub.js?reportExists=true&
;reportField=violated-directive&reportValue=script-src%20'sha1-Au4uYFbk
f7OYd+ACMnKq96FN3qo='%20'unsafe-inline'"></script> |
| 55 </body> |
| 56 |
| 57 </html> |
OLD | NEW |