Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(286)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt

Issue 14949017: Implementation of W3C compliant CSP script-src nonce. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Minor fixes based on Adam's comments Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html ('k') | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html » ('j') | Source/core/dom/ScriptElement.cpp » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt
diff --git a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt
index 93cb1565f3315e620b07117d806d96154a8fbe2d..ef66e792aaf657aef1240d913302e3edc6b9090a 100644
--- a/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt
+++ b/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-expected.txt
@@ -1,9 +1,27 @@
-ALERT: PASS (1/2)
-ALERT: PASS (2/2)
-CONSOLE MESSAGE: line 13: Refused to execute script because it violates the following Content Security Policy directive: "script-nonce noncynonce".
+CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-nonce'".
-CONSOLE MESSAGE: line 16: Refused to execute script because it violates the following Content Security Policy directive: "script-nonce noncynonce".
+CONSOLE MESSAGE: Refused to load the script 'http://127.0.0.1:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'nonce-notnonce'".
-CONSOLE MESSAGE: line 19: Refused to execute script because it violates the following Content Security Policy directive: "script-nonce noncynonce".
+Only the first two of these scripts should execute even though there are parse errors in the policy.
-This tests the effect of a valid script-nonce value. It passes if three console warnings are visible, and the two PASS alerts are executed.
+
+
+--------
+Frame: '<!--framePath //<!--frame0-->-->'
+--------
+PASS
+
+--------
+Frame: '<!--framePath //<!--frame1-->-->'
+--------
+PASS
+
+--------
+Frame: '<!--framePath //<!--frame2-->-->'
+--------
+PASS
+
+--------
+Frame: '<!--framePath //<!--frame3-->-->'
+--------
+PASS
« no previous file with comments | « LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked.html ('k') | LayoutTests/http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html » ('j') | Source/core/dom/ScriptElement.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698