cspro-not-enforced-in-worker.html (822B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <script src='/resources/testharness.js'></script> 5 <script src='/resources/testharnessreport.js'></script> 6 </head> 7 <body> 8 <!-- This tests that a report only policy is not treated as enforcing when 9 inherited by a worker. This manifests in particular for `unsafe-eval` 10 in this bug crbug.com/777076 --> 11 <script nonce="abc"> 12 var t1 = async_test("Check that inline is allowed since the inherited policy is report only"); 13 var t2 = async_test("Check that eval is allowed since the inherited policy is report only"); 14 15 var w = new Worker("support/eval.js"); 16 w.onmessage = function(e) { 17 if (e.data == "unsafe-inline allowed") t1.done(); 18 else if (e.data == "unsafe-eval allowed") t2.done(); 19 } 20 </script> 21 </body> 22 </html>