Import wpt@3bd204d7e86fd81e98e63f4ce59b95d98bad1c54

third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib-2/scripthash-unicode-normalization.sub.html

Index: third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib-2/scripthash-unicode-normalization.sub.html
diff --git a/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib-2/scripthash-unicode-normalization.sub.html b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib-2/scripthash-unicode-normalization.sub.html
new file mode 100644
index 0000000000000000000000000000000000000000..bd1e0365c2e17031351b1d04645beb3e1a57c455
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/external/wpt/content-security-policy/blink-contrib-2/scripthash-unicode-normalization.sub.html
@@ -0,0 +1,71 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+    <title>scripthash-unicode-normalization</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+
+    <!-- enforcing policy:
+script-src 'self' 'nonce-nonceynonce' 'sha256-dWTP4Di8KBjaiXvQ5mRquI9OoBSo921ahYxLfYSiuT8='; connect-src 'self';
+-->
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+</head>
+
+<body>
+    <!-- The following two scripts contain two separate code points (U+00C5
+        and U+212B, respectively) which, depending on your text editor, might be
+        rendered the same.However, their difference is important because, under
+        NFC normalization, they would become the same code point, which would be
+        against the spec. This test, therefore, validates that the scripts have
+        *different* hash values. -->
+    <script nonce="nonceynonce">
+      var matchingContent = 'Å';
+      var nonMatchingContent = 'Å';
+
+      // This script should have a hash value of
+      // sha256-9UFeeZbvnMa0tLNu76v96T4Hh+UtDWHm2lPQJoTWb9c=
+      var scriptContent1 = "window.finish('" + matchingContent + "');";
+
+      // This script should have a hash value of
+      // sha256-iNjjXUXds31FFvkAmbC74Sxnvreug3PzGtu16udQyqM=
+      var scriptContent2 = "window.finish('" + nonMatchingContent + "');";
+
+      var script1 = document.createElement('script');
+      var script2 = document.createElement('script');
+
+      script1.test = async_test("Only matching content runs even with NFC normalization.");
+
+      var failure = function() {
+        assert_unreached();
+      }
+
+      window.finish = function(content) {
+        if (content == matchingContent) {
+          script1.test.step(function() {
+            script1.test.done();
+          });
+        } else {
+	  script1.test.step(function() {
+            assert_unreached("nonMatchingContent script ran");
+	  });
+        }
+      }
+
+      script1.onerror = failure;
+
+      document.body.appendChild(script2);
+      script2.textContent = scriptContent2;
+      document.body.appendChild(script1);
+      script1.textContent = scriptContent1;
+    </script>
+
+    <p>
+        This tests Unicode normalization. While appearing the same, the strings in the scripts are different Unicode points, but through normalization, should be the same when the hash is taken.
+    </p>
+    <div id="log"></div>
+    <script async defer src="../support/checkReport.sub.js?reportExists=true"></script>
+</body>
+
+</html>