OLD | NEW |
(Empty) | |
| 1 <!DOCTYPE html> |
| 2 <html> |
| 3 |
| 4 <head> |
| 5 <!-- Programmatically converted from a WebKit Reftest, please forgive result
ing idiosyncracies.--> |
| 6 <title>scriptnonce-basic-blocked</title> |
| 7 <script src="/resources/testharness.js"></script> |
| 8 <script src="/resources/testharnessreport.js"></script> |
| 9 <script src='../support/alertAssert.sub.js?alerts=["PASS (closely-quoted non
ce)","PASS (nonce w/whitespace)"]'></script> |
| 10 <!-- enforcing policy: |
| 11 script-src 'self' 'unsafe-inline' 'nonce-noncynonce'; connect-src 'self'; |
| 12 --> |
| 13 <script nonce="noncynonce"> |
| 14 alert_assert('PASS (closely-quoted nonce)'); |
| 15 |
| 16 </script> |
| 17 <script nonce=" noncynonce "> |
| 18 alert_assert('PASS (nonce w/whitespace)'); |
| 19 |
| 20 </script> |
| 21 <script nonce="noncynonce noncynonce"> |
| 22 alert_assert('FAIL (1/3)'); |
| 23 |
| 24 </script> |
| 25 <script> |
| 26 alert_assert('FAIL (2/3)'); |
| 27 |
| 28 </script> |
| 29 <script nonce="noncynonceno?"> |
| 30 alert_assert('FAIL (3/3)'); |
| 31 |
| 32 </script> |
| 33 </head> |
| 34 |
| 35 <body> |
| 36 <p> |
| 37 This tests the effect of a valid script-nonce value. It passes if a CSP
violation is generated, and the two PASS alerts are executed. |
| 38 </p> |
| 39 <div id="log"></div> |
| 40 <script async defer src="../support/checkReport.sub.js?reportExists=true&
;reportField=violated-directive&reportValue=script-src%20'nonce-noncyno
nce'"></script> |
| 41 </body> |
| 42 |
| 43 </html> |
OLD | NEW |