summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/tests/content-security-policy/script-src/script-src-multiple-policies-one-using-hashing-algorithms.html
blob: da9e60f874305c297cd896afd2654059ff650919 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
<!DOCTYPE HTML>
<html>
<head>
  <title>Multiple policies some using hashes some not using hashes still work.</title>
  <!-- nonces are here just to let all of our scripts run -->
  <script nonce="abc" src='/resources/testharness.js'></script>
  <script nonce="abc" src='/resources/testharnessreport.js'></script>
</head>
<body>
  <script nonce="abc">
    var t = async_test("Test that script executes if allowed by proper hash values");
    document.addEventListener("securitypolicyviolation", t.unreached_func("Should not have triggered a security event"));
    var executed = false;
  </script>

  <!-- test will fail if this script is not allowed to run -->
  <script>executed = true;</script>

  <script nonce="abc">
    t.step(function() {
      assert_true(executed);
      t.done();
    });
  </script>
</body>
</html>