Index: LayoutTests/http/tests/htmlimports/resources/having-unsafe-eval-policy.html |
diff --git a/LayoutTests/http/tests/htmlimports/resources/having-unsafe-eval-policy.html b/LayoutTests/http/tests/htmlimports/resources/having-unsafe-eval-policy.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..a593c1675c820fa285ddb344d4f287044c257c94 |
--- /dev/null |
+++ b/LayoutTests/http/tests/htmlimports/resources/having-unsafe-eval-policy.html |
@@ -0,0 +1,13 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+<meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline' 'unsafe-eval'"> |
+<script src="external-script.js"></script> |
+<script src="http://localhost:8000//htmlimports/resources/cors-js.cgi"></script> |
+<script> |
+document.inlineScriptHasRun = true; |
+eval("document.evalFromInlineHasRun = true;"); |
+</script> |
+ |
+</head> |
+</html> |