OLD | NEW |
---|---|
1 <?php | 1 <?php |
2 header("Content-Security-Policy: style-src 'nonce-abc'"); | 2 header("Content-Security-Policy: style-src 'nonce-abc'"); |
3 ?> | 3 ?> |
4 <!doctype html> | 4 <!doctype html> |
5 <script src="/resources/testharness.js"></script> | 5 <script src="/resources/testharness.js"></script> |
6 <script src="/resources/testharnessreport.js"></script> | 6 <script src="/resources/testharnessreport.js"></script> |
7 <script> | 7 <script> |
8 async_test(t => { | 8 async_test(t => { |
9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation',' securitypolicyviolation']); | 9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation',' securitypolicyviolation']); |
10 watcher | 10 watcher |
11 .wait_for('securitypolicyviolation') | 11 .wait_for('securitypolicyviolation') |
12 .then(t.step_func(e => { | 12 .then(t.step_func(e => { |
13 assert_equals(e.blockedURI, "inline"); | 13 assert_equals(e.blockedURI, "inline"); |
14 assert_equals(e.lineNumber, 24); | 14 assert_equals(e.lineNumber, 20); |
alexmos
2017/03/29 23:27:32
This doesn't seem related to this CL and is alread
arthursonzogni
2017/03/30 11:36:27
Yes, sorry for the confusion. I wanted to add
http
| |
15 return watcher.wait_for('securitypolicyviolation'); | 15 return watcher.wait_for('securitypolicyviolation'); |
16 })) | 16 })) |
17 .then(t.step_func_done(e => { | 17 .then(t.step_func_done(e => { |
18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont entSecurityPolicy/style-set-red.css"); | 18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont entSecurityPolicy/style-set-red.css"); |
19 assert_equals(e.lineNumber, 25); | 19 assert_equals(e.lineNumber, 25); |
20 })); | 20 })); |
21 }, "Incorrectly nonced style blocks generate reports."); | 21 }, "Incorrectly nonced style blocks generate reports."); |
22 </script> | 22 </script> |
23 <style> | 23 <style> |
24 #test1 { | 24 #test1 { |
25 color: rgba(1,1,1,1); | 25 color: rgba(1,1,1,1); |
26 } | 26 } |
27 </style> | 27 </style> |
28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css" nonce="xyz"> | 28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css" nonce="xyz"> |
29 <script> | 29 <script> |
30 async_test(t => { | 30 async_test(t => { |
31 window.onload = t.step_func_done(_ => { | 31 window.onload = t.step_func_done(_ => { |
32 assert_equals(document.styleSheets.length, 1); | 32 assert_equals(document.styleSheets.length, 1); |
33 assert_equals(document.styleSheets[0].rules.length, 0); | 33 assert_equals(document.styleSheets[0].rules.length, 0); |
34 }); | 34 }); |
35 }, "Incorrectly nonced stylesheets do not load."); | 35 }, "Incorrectly nonced stylesheets do not load."); |
36 </script> | 36 </script> |
OLD | NEW |