| OLD | NEW |
|---|
| 1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
| 2 <html> | 2 <html> |
| 3 <head> | 3 <head> |
| 4 <script src='../resources/multiple-iframe-test.js'></script> | 4 <script src='../resources/multiple-iframe-test.js'></script> |
| 5 <script> | 5 <script> |
| 6 var tests = [ | 6 var tests = [ |
| 7 ['no', 'script-src 127.0.0.1:8000; script-nonce;', 'resources/script.js', ''
], | 7 ['no', 'script-src \'nonce- \'', 'resources/script.js', ''], |
| 8 ['no', 'script-src 127.0.0.1:8000; script-nonce ;', 'resources/script.js', '
'], | 8 ['no', 'script-src \'nonce- \'', 'resources/script.js', ''], |
| 9 ['no', 'script-src 127.0.0.1:8000; script-nonce ;', 'resources/script.j
s', ''], | 9 ['no', 'script-src \'nonce- nonces have no spaces\'', 'resources/script.js',
''], |
| 10 ['no', 'script-src 127.0.0.1:8000; script-nonce nonces have no spaces;', 're
sources/script.js', ''], | 10 ['no', 'script-src \'nonce-1/1\'', 'resources/script.js', '1/1'], |
| 11 ['no', 'script-src \'nonce-{}\'', 'resources/script.js', '{}'], |
| 12 ['no', 'script-src \'nonce-/\\\'', 'resources/script.js', '/\\'], |
| 11 ]; | 13 ]; |
| 12 </script> | 14 </script> |
| 13 </head> | 15 </head> |
| 14 <body onload="testExperimentalPolicy()"> | 16 <body onload="testExperimentalPolicy()"> |
| 15 <p> | 17 <p> |
| 16 None of these scripts should execute, as all the nonces are invalid. | 18 None of these scripts should execute, as all the nonces are invalid. |
| 17 </p> | 19 </p> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14949017:
Implementation of W3C compliant CSP script-src nonce. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master