LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt - Issue 14949017: Implementation of W3C compliant CSP script-src nonce.

Side by Side Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce-expected.txt

Issue 14949017: Implementation of W3C compliant CSP script-src nonce. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master

Patch Set: Minor fixes based on Adam's comments Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html ('k') | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-redirect.html » ('j') | Source/core/dom/ScriptElement.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 CONSOLE MESSAGE: Ignoring invalid Content Security Policy script nonce: ''.	1 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-'. It will be ignored.

	2 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: '''. It will be ignored.

	3 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce- '".

2	4

3 CONSOLE MESSAGE: line 7: Refused to load 'http://127.0.0.1:8000/security/content SecurityPolicy/resources/script.js' because it violates the following Content Se curity Policy directive: "script-nonce ".	5 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-'. It will be ignored.

	6 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: '''. It will be ignored.

	7 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce- '".

4	8

5 CONSOLE MESSAGE: Ignoring invalid Content Security Policy script nonce: ''.	9 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-'. It will be ignored.

	10 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: 'spaces''. It will be ignored.

	11 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce- nonces have no spaces'".

6	12

7 CONSOLE MESSAGE: line 7: Refused to load 'http://127.0.0.1:8000/security/content SecurityPolicy/resources/script.js' because it violates the following Content Se curity Policy directive: "script-nonce ".	13 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-1/1''. It will be ignored.

	14 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-1/1'".

8	15

9 CONSOLE MESSAGE: Ignoring invalid Content Security Policy script nonce: ''.	16 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-{}''. It will be ignored.

	17 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-{}'".

10	18

11 CONSOLE MESSAGE: line 7: Refused to load 'http://127.0.0.1:8000/security/content SecurityPolicy/resources/script.js' because it violates the following Content Se curity Policy directive: "script-nonce ".	19 CONSOLE MESSAGE: The source list for Content Security Policy directive 'script-s rc' contains an invalid source: ''nonce-/\''. It will be ignored.

12	20 CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/cont entSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-/\'".

13 CONSOLE MESSAGE: Ignoring invalid Content Security Policy script nonce: 'nonces have no spaces'.

14

15 CONSOLE MESSAGE: line 7: Refused to load 'http://127.0.0.1:8000/security/content SecurityPolicy/resources/script.js' because it violates the following Content Se curity Policy directive: "script-nonce nonces have no spaces".

16	21

17 None of these scripts should execute, as all the nonces are invalid.	22 None of these scripts should execute, as all the nonces are invalid.

18	23

19	24

20	25

21 --------	26 --------

22 Frame: '<!--framePath //<!--frame0-->-->'	27 Frame: '<!--framePath //<!--frame0-->-->'

23 --------	28 --------

24 PASS	29 PASS

25	30

26 --------	31 --------

27 Frame: '<!--framePath //<!--frame1-->-->'	32 Frame: '<!--framePath //<!--frame1-->-->'

28 --------	33 --------

29 PASS	34 PASS

30	35

31 --------	36 --------

32 Frame: '<!--framePath //<!--frame2-->-->'	37 Frame: '<!--framePath //<!--frame2-->-->'

33 --------	38 --------

34 PASS	39 PASS

35	40

36 --------	41 --------

37 Frame: '<!--framePath //<!--frame3-->-->'	42 Frame: '<!--framePath //<!--frame3-->-->'

38 --------	43 --------

39 PASS	44 PASS

	45

	46 --------

	47 Frame: '<!--framePath //<!--frame4-->-->'

	48 --------

	49 PASS

	50

	51 --------

	52 Frame: '<!--framePath //<!--frame5-->-->'

	53 --------

	54 PASS

OLD	NEW