scriptnonce-specified-source.sub.html (1338B)
1 <!doctype html> 2 <script nonce="specified" src="/resources/testharness.js"></script> 3 <script nonce="specified" src="/resources/testharnessreport.js"></script> 4 5 <div id=log></div> 6 <script nonce="specified"> 7 [ 8 { 9 name: 'CSP with both source and nonce should allow matching source', 10 src: "http://{{host}}:{{ports[http][0]}}/content-security-policy/support/alert-pass.js", 11 nonce: "notspecified" 12 }, 13 { 14 name: 'CSP with both source and nonce should allow both matching nonce and source', 15 src: "http://{{host}}:{{ports[http][0]}}/content-security-policy/support/alert-pass.js", 16 nonce: "specified" 17 } 18 ].forEach(elt => { 19 async_test((test) => { 20 const s = document.createElement('script'); 21 s.src = elt.src; 22 s.nonce = elt.nonce; 23 s.onload = () => test.done(); 24 s.onerror = test.unreached_func('Script should load correctly'); 25 document.body.appendChild(s); 26 }, elt.name); 27 }); 28 29 const t = async_test('No CSP violation should fire and all scripts should load'); 30 let count = 0; 31 const expected = 2; 32 function alert_assert(msg) { 33 if (msg === "PASS") { 34 count++; 35 if (count == expected) { 36 t.done(); 37 } 38 } 39 } 40 41 window.addEventListener('securitypolicyviolation', 42 t.unreached_func('No CSP violation should fire')); 43 </script>