script-src-multiple-policies-one-using-hashing-algorithms.html (826B)
1 <!DOCTYPE HTML> 2 <html> 3 <head> 4 <title>Multiple policies some using hashes some not using hashes still work.</title> 5 <!-- nonces are here just to let all of our scripts run --> 6 <script nonce="abc" src='/resources/testharness.js'></script> 7 <script nonce="abc" src='/resources/testharnessreport.js'></script> 8 </head> 9 <body> 10 <script nonce="abc"> 11 var t = async_test("Test that script executes if allowed by proper hash values"); 12 document.addEventListener("securitypolicyviolation", t.unreached_func("Should not have triggered a security event")); 13 var executed = false; 14 </script> 15 16 <!-- test will fail if this script is not allowed to run --> 17 <script>executed = true;</script> 18 19 <script nonce="abc"> 20 t.step(function() { 21 assert_true(executed); 22 t.done(); 23 }); 24 </script> 25 </body> 26 </html>