nonce-hiding-move-document.html (994B)
1 <!DOCTYPE html> 2 <meta charset="utf-8"> 3 <meta http-equiv="Content-Security-Policy" content="style-src 'self' 'nonce-allowme';"> 4 <link rel="help" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1831328"> 5 <script src="/resources/testharness.js"></script> 6 <script src="/resources/testharnessreport.js"></script> 7 <title>Nonce isn't lost on document move</title> 8 <style type="text/css" nonce="allowme"> 9 p { 10 color: red; 11 } 12 </style> 13 <p>What color is this?</p> 14 <script> 15 test(function() { 16 const doc = document.implementation.createDocument("http://www.w3.org/1999/xhtml","html"); 17 const style = document.createElement("style"); 18 style.setAttribute("nonce", "allowme"); 19 style.textContent = "p { color: lime }"; 20 21 doc.documentElement.appendChild(style); 22 document.body.appendChild(style); 23 assert_equals(style.nonce, "allowme", "Nonce should not have been lost"); 24 assert_equals(getComputedStyle(document.querySelector("p")).color, "rgb(0, 255, 0)", "Style should apply"); 25 }) 26 </script>