stylenonce-blocked.sub.html (1410B)
1 <!DOCTYPE html> 2 <html> 3 4 <head> 5 <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.--> 6 <meta http-equiv="Content-Security-Policy" content="style-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self';"> 7 <title>stylenonce-blocked</title> 8 <script src="/resources/testharness.js"></script> 9 <script src="/resources/testharnessreport.js"></script> 10 <link rel="stylesheet" type="text/css" href="../style-src/resources/allowed.css"> 11 <script src="../support/logTest.sub.js?logs=[]"></script> 12 <script src="../support/alertAssert.sub.js?alerts=[]"></script> 13 <script> 14 var t_spv = async_test("Should fire securitypolicyviolation"); 15 window.addEventListener('securitypolicyviolation', t_spv.step_func_done(function(e) { 16 assert_equals(e.violatedDirective, "style-src-elem"); 17 })); 18 </script> 19 <style nonce="noncynonce"> 20 #test { 21 color: red; 22 } 23 24 </style> 25 </head> 26 27 <body> 28 <p id="test">This text should be green.</p> 29 <script> 30 var el = document.querySelector('#test'); 31 test(function() { 32 assert_equals(window.getComputedStyle(el).color, "rgb(0, 128, 0)") 33 }); 34 35 </script> 36 <p>Style that does not match a 'nonce-*' expression in 'style-src' should not be applied to the page.</p> 37 <div id="log"></div> 38 </body> 39 40 </html>