Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/script-src/script-src-1_4_2.html |
diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/script-src/script-src-1_4_2.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/script-src/script-src-1_4_2.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..31382936f474f7046c06462e8012ce0896a23e8c |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/script-src/script-src-1_4_2.html |
@@ -0,0 +1,27 @@ |
+<!DOCTYPE HTML> |
+<html> |
+<head> |
+ <title>Function() called as a constructor should throw without 'unsafe-eval' script-src directive.</title> |
+ <script src='/resources/testharness.js'></script> |
+ <script src='/resources/testharnessreport.js'></script> |
+</head> |
+<body> |
+ <h1>Function() called as a constructor should throw without 'unsafe-eval' script-src directive.</h1> |
+ <div id='log'></div> |
+ |
+ <script> |
+ |
+ test(function() { |
+ assert_throws( |
+ new EvalError(), |
+ function() { |
+ var funq = new Function(''); |
+ funq(); |
+ })}, "Unsafe eval ran in Function() constructor."); |
+ |
+ </script> |
+ |
+ <script async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=script-src%20%27self%27+%27unsafe-inline%27'></script> |
+ |
+</body> |
+</html> |