Adding upstream version 1:115.7.0.upstream/1%115.7.0upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

2 files changed, 28 insertions, 0 deletions

diff --git a/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html b/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html
new file mode 100644
index 0000000000..590fa7ec1a
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html
@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <script nonce="abc" src="/resources/testharness.js"></script>
+    <script nonce="abc" src="/resources/testharnessreport.js"></script>
+</head>
+
+<body>
+    <script nonce='abc'>
+      var blob_string = "<script>alert(document.domain)<\/scr"+"ipt>";
+      var blob = new Blob([blob_string], {type : 'text/html'});
+      var url = URL.createObjectURL(blob);
+
+      var i = document.createElement('iframe');
+      i.src = url;
+      i.sandbox = "allow-scripts";
+      document.body.appendChild(i);
+    </script>
+    <script nonce='abc' async defer src='../support/checkReport.sub.js?reportField=violated-directive&reportValue=script-src%20%27nonce-abc%27'></script>
+</body>
+
+</html>
diff --git a/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html.sub.headers b/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html.sub.headers
new file mode 100644
index 0000000000..adc398d890
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/inheritance/sandboxed-blob-scheme.html.sub.headers
@@ -0,0 +1,5 @@
+Expires: Mon, 26 Jul 1997 05:00:00 GMT
+Cache-Control: no-store, no-cache, must-revalidate
+Pragma: no-cache
+Set-Cookie: sandboxed-blob-scheme={{$id:uuid()}}; Path=/content-security-policy/inheritance/
+Content-Security-Policy: script-src 'nonce-abc'; report-uri http://{{host}}:{{ports[http][0]}}/reporting/resources/report.py?op=put&reportID={{$id}}