Import wpt@3bd204d7e86fd81e98e63f4ce59b95d98bad1c54

third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-allow-csp-from.py

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-allow-csp-from.py
diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-allow-csp-from.py b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-allow-csp-from.py
new file mode 100644
index 0000000000000000000000000000000000000000..fa1064adc84a21029fa2cc8c1afa887018da44ad
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/embedded-enforcement/support/echo-allow-csp-from.py
@@ -0,0 +1,37 @@
+import json
+def main(request, response):
+    headers = [("Content-Type", "text/html")]
+    if "allow_csp_from" in request.GET:
+        headers.append(("Allow-CSP-From", request.GET["allow_csp_from"]))
+    message = request.GET["id"]
+    return headers, '''
+<!DOCTYPE html>
+<html>
+<head>
+    <title>This page enforces embedder's policies</title>
+    <script nonce="123">
+        document.addEventListener("securitypolicyviolation", function(e) {
+            var response = {};
+            response["id"] = "%s";
+            response["securitypolicyviolation"] = true;
+            response["blockedURI"] = e.blockedURI;
+            response["lineNumber"] = e.lineNumber;
+            window.top.postMessage(response, '*');
+        });
+    </script>
+</head>
+<body>
+    <style>
+        body {
+            background-color: maroon;
+        }
+    </style>
+    <script nonce="abc"> 
+        var response = {};
+        response["id"] = "%s";
+        response["loaded"] = true;
+        window.top.postMessage(response, '*');
+    </script>
+</body>
+</html>
+''' % (message, message)