| Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt
|
| diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt
|
| index d2172938c8e9c650f7e1bb37ffe525b1134d9961..cdc755bf58307fbc6e2ad0a99e657a1afb5f35ee 100644
|
| --- a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt
|
| +++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt
|
| @@ -1,7 +1,17 @@
|
| +CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'n".
|
| +
|
| +CONSOLE ERROR: The source list for Content Security Policy directive 'script-src' contains an invalid source: ''nonce'. It will be ignored.
|
| +CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce".
|
| +
|
| CONSOLE ERROR: The source list for Content Security Policy directive 'script-src' contains an invalid source: ''nonce-''. It will be ignored.
|
| CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-'".
|
|
|
| CONSOLE ERROR: The source list for Content Security Policy directive 'script-src' contains an invalid source: ''nonce-'. It will be ignored.
|
| +CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-".
|
| +
|
| +CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src nonce-abcd".
|
| +
|
| +CONSOLE ERROR: The source list for Content Security Policy directive 'script-src' contains an invalid source: ''nonce-'. It will be ignored.
|
| CONSOLE ERROR: The source list for Content Security Policy directive 'script-src' contains an invalid source: '''. It will be ignored.
|
| CONSOLE ERROR: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce- '".
|
|
|
| @@ -52,3 +62,23 @@ PASS
|
| Frame: '<!--framePath //<!--frame5-->-->'
|
| --------
|
| PASS
|
| +
|
| +--------
|
| +Frame: '<!--framePath //<!--frame6-->-->'
|
| +--------
|
| +PASS
|
| +
|
| +--------
|
| +Frame: '<!--framePath //<!--frame7-->-->'
|
| +--------
|
| +PASS
|
| +
|
| +--------
|
| +Frame: '<!--framePath //<!--frame8-->-->'
|
| +--------
|
| +PASS
|
| +
|
| +--------
|
| +Frame: '<!--framePath //<!--frame9-->-->'
|
| +--------
|
| +PASS
|
|
|
Chromium Code Reviews
Issue 705663003:
CSP: Harden nonce parsing. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master