default-src-inline-blocked.sub.html (1119B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.--> 6 <script> 7 window.addEventListener('securitypolicyviolation', function(e) { 8 log("violated-directive=" + e.violatedDirective); 9 }); 10 </script> 11 <meta http-equiv="Content-Security-Policy" content="default-src 'self'; connect-src 'self';"> 12 <title>default-src-inline-blocked</title> 13 <script src="/resources/testharness.js"></script> 14 <script src="/resources/testharnessreport.js"></script> 15 <script src='../support/logTest.sub.js?logs=["violated-directive=script-src-elem","violated-directive=script-src-elem"]'></script> 16 <script src='../support/alertAssert.sub.js?alerts=[]'></script> 17 </head> 18 19 <body> 20 <p>This test passes if the inline scripts don't create failing tests and a CSP report is sent.</p> 21 <script> 22 test(function() { 23 assert_unreached('FAIL inline script ran') 24 }); 25 26 </script> 27 <script src="../support/document-write-alert-fail.js"></script> 28 <div id="log"></div> 29 </body> 30 31 </html>