scripthash-basic-blocked.sub.html (2206B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.--> 6 <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-abc' 'sha256-3iveTSiUbmzN7COYvdDwyaXXzJ3SrjKlTaOvQ/GdRpo=' 'sha256-EgE/bwVJ+ZLL9F5hNjDqD4C7nlFFrdDaKeNIJ2cUem4='; connect-src 'self';"> 7 <title>scripthash-basic-blocked</title> 8 <script src="/resources/testharness.js"></script> 9 <script src="/resources/testharnessreport.js"></script> 10 <script src="../support/logTest.sub.js?logs=[]"></script> 11 <script> 12 window.addEventListener('securitypolicyviolation', function(e) { 13 alert_assert("Fail"); 14 }); 15 </script> 16 17 <script> 18 var t_alert = async_test('Expecting alerts: ["PASS (1/1)"]'); 19 var expected_alerts = ["PASS (1/1)"]; 20 21 function alert_assert(msg) { 22 t_alert.step(function() { 23 if (msg.match(/^FAIL/i)) { 24 assert_unreached(msg); 25 t_alert.done(); 26 } 27 for (var i = 0; i < expected_alerts.length; i++) { 28 if (expected_alerts[i] == msg) { 29 assert_equals(expected_alerts[i], msg); 30 expected_alerts.splice(i, 1); 31 if (expected_alerts.length == 0) { 32 t_alert.done(); 33 } 34 return; 35 } 36 } 37 assert_unreached('unexpected alert: ' + msg); 38 t_log.done(); 39 }); 40 } 41 42 </script> 43 <script> 44 alert_assert('PASS (1/1)'); 45 46 </script> 47 <script> 48 alert_assert('FAIL (1/4)'); 49 50 </script> 51 <script> 52 alert_assert('FAIL (2/4)'); 53 54 </script> 55 <script> 56 alert_assert('FAIL (3/4)'); 57 58 </script> 59 <script> 60 alert_assert('FAIL (4/4)'); 61 62 </script> 63 </head> 64 65 <body> 66 <p> 67 This tests the effect of a valid script-hash value, with one valid script and several invalid ones. It passes if one alert is executed and a CSP violation is reported. 68 </p> 69 <div id="log"></div> 70 </body> 71 72 </html>