stylenonce-allowed.sub.html (1767B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.--> 6 <meta http-equiv="Content-Security-Policy" content="style-src 'self' 'nonce-noncynonce' 'nonce-noncy+/nonce='; script-src 'self' 'unsafe-inline'; connect-src 'self';"> 7 <title>stylenonce-allowed</title> 8 <script src="/resources/testharness.js"></script> 9 <script src="/resources/testharnessreport.js"></script> 10 <script src="../support/logTest.sub.js?logs=[]"></script> 11 <script src="../support/alertAssert.sub.js?alerts=[]"></script> 12 <script> 13 var t_spv = async_test("Should fire securitypolicyviolation"); 14 window.addEventListener('securitypolicyviolation', t_spv.step_func_done(function(e) { 15 assert_equals(e.violatedDirective, "style-src-elem"); 16 })); 17 18 </script> 19 20 <style nonce="noncynonce"> 21 #test1 { 22 color: green; 23 } 24 25 </style> 26 <style> 27 #test1 { 28 color: red; 29 } 30 31 </style> 32 <style nonce="noncynonce"> 33 #test2 { 34 color: green; 35 } 36 37 </style> 38 </head> 39 40 <body> 41 <p id="test1">This text should be green.</p> 42 <p id="test2">This text should also be green.</p> 43 <script> 44 var el = document.querySelector('#test1'); 45 test(function() { 46 assert_equals(window.getComputedStyle(el).color, "rgb(0, 128, 0)") 47 }); 48 var el = document.querySelector('#test2'); 49 test(function() { 50 assert_equals(window.getComputedStyle(el).color, "rgb(0, 128, 0)") 51 }); 52 53 </script> 54 <p>Style correctly allowed via a 'nonce-*' expression in 'style-src' should be applied to the page.</p> 55 <div id="log"></div> 56 </body> 57 58 </html>