style-sample-no-opt-in.html (1206B)
1 <!doctype html> 2 <meta http-equiv="Content-Security-Policy" content="style-src 'nonce-abc'"> 3 <script nonce="abc" src="/resources/testharness.js"></script> 4 <script nonce="abc" src="/resources/testharnessreport.js"></script> 5 <body> 6 <script nonce="abc"> 7 function waitForViolation(el) { 8 return new Promise(resolve => { 9 el.addEventListener('securitypolicyviolation', e => resolve(e)); 10 }); 11 } 12 13 async_test(t => { 14 var s = document.createElement('style'); 15 s.innerText = "p { omg: yay !important; }"; 16 17 waitForViolation(s) 18 .then(t.step_func_done(e => { 19 assert_equals(e.blockedURI, "inline"); 20 assert_equals(e.sample, ""); 21 })); 22 23 document.head.append(s); 24 }, "Inline style blocks should not have a sample."); 25 26 async_test(t => { 27 var p = document.createElement('p'); 28 p.setAttribute("style", "omg: yay !important;"); 29 p.innerText = "Yay!"; 30 31 waitForViolation(p) 32 .then(t.step_func_done(e => { 33 assert_equals(e.blockedURI, "inline"); 34 assert_equals(e.sample, ""); 35 })); 36 37 document.head.append(p); 38 }, "Inline style attributes should not have a sample."); 39 </script>