OLD | NEW |
1 <?php | 1 <?php |
2 header("Content-Security-Policy-Report-Only: style-src 'nonce-abc'"); | 2 header("Content-Security-Policy-Report-Only: style-src 'nonce-abc'"); |
3 ?> | 3 ?> |
4 <!doctype html> | 4 <!doctype html> |
5 <script src="/resources/testharness.js"></script> | 5 <script src="/resources/testharness.js"></script> |
6 <script src="/resources/testharnessreport.js"></script> | 6 <script src="/resources/testharnessreport.js"></script> |
7 <script> | 7 <script> |
8 async_test(t => { | 8 async_test(t => { |
9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation','
securitypolicyviolation']); | 9 var watcher = new EventWatcher(t, document, ['securitypolicyviolation','
securitypolicyviolation']); |
10 watcher | 10 watcher |
11 .wait_for('securitypolicyviolation') | 11 .wait_for('securitypolicyviolation') |
12 .then(t.step_func(e => { | 12 .then(t.step_func(e => { |
13 assert_equals(e.blockedURI, "inline"); | 13 assert_equals(e.blockedURI, "inline"); |
14 assert_equals(e.lineNumber, 24); | 14 assert_equals(e.lineNumber, 20); |
15 return watcher.wait_for('securitypolicyviolation'); | 15 return watcher.wait_for('securitypolicyviolation'); |
16 })) | 16 })) |
17 .then(t.step_func_done(e => { | 17 .then(t.step_func_done(e => { |
18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont
entSecurityPolicy/style-set-red.css"); | 18 assert_equals(e.blockedURI, "http://127.0.0.1:8000/security/cont
entSecurityPolicy/style-set-red.css"); |
19 assert_equals(e.lineNumber, 25); | 19 assert_equals(e.lineNumber, 25); |
20 })); | 20 })); |
21 }, "Incorrectly nonced style blocks generate reports."); | 21 }, "Incorrectly nonced style blocks generate reports."); |
22 </script> | 22 </script> |
23 <style> | 23 <style> |
24 #test1 { | 24 #test1 { |
25 color: rgba(1,1,1,1); | 25 color: rgba(1,1,1,1); |
26 } | 26 } |
27 </style> | 27 </style> |
28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css"
nonce="xyz"> | 28 <link rel="stylesheet" href="/security/contentSecurityPolicy/style-set-red.css"
nonce="xyz"> |
29 <script> | 29 <script> |
30 async_test(t => { | 30 async_test(t => { |
31 window.onload = t.step_func_done(_ => { | 31 window.onload = t.step_func_done(_ => { |
32 assert_equals(document.styleSheets.length, 2); | 32 assert_equals(document.styleSheets.length, 2); |
33 assert_equals(document.styleSheets[0].href, null); | 33 assert_equals(document.styleSheets[0].href, null); |
34 assert_equals(document.styleSheets[1].href, "http://127.0.0.1:8000/s
ecurity/contentSecurityPolicy/style-set-red.css"); | 34 assert_equals(document.styleSheets[1].href, "http://127.0.0.1:8000/s
ecurity/contentSecurityPolicy/style-set-red.css"); |
35 }); | 35 }); |
36 }, "Incorrectly nonced stylesheets load."); | 36 }, "Incorrectly nonced stylesheets load."); |
37 </script> | 37 </script> |
OLD | NEW |