diff options
Diffstat (limited to '')
2 files changed, 27 insertions, 0 deletions
diff --git a/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html b/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html new file mode 100644 index 0000000000..027c61d8c6 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html @@ -0,0 +1,20 @@ +<!DOCTYPE HTML> +<html> +<head> + <title>Multiple policies with different hashing algorithms still work.</title> + <meta name="timeout" content="long"> + <script src='/resources/testharness.js'></script> + <script src='/resources/testharnessreport.js'></script> +</head> +<body> + <script> + var t = async_test("Test that style loads if allowed by proper hash values"); + document.addEventListener("securitypolicyviolation", t.unreached_func("Should not have triggered a security event")); + </script> + + <!-- test will time out if this style is not allowed to load --> + <style onload="t.done();" onerror="t.unreached_func('Should have loaded the style');">p {color:blue;}</style> + + <script async defer src='../support/checkReport.sub.js?reportExists=false'></script> +</body> +</html> diff --git a/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.sub.headers b/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.sub.headers new file mode 100644 index 0000000000..e31aa5aa27 --- /dev/null +++ b/testing/web-platform/tests/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.sub.headers @@ -0,0 +1,7 @@ +Expires: Mon, 26 Jul 1997 05:00:00 GMT +Cache-Control: no-store, no-cache, must-revalidate +Cache-Control: post-check=0, pre-check=0, false +Pragma: no-cache +Set-Cookie: style-src-multiple-policies-multiple-hashing-algorithms={{$id:uuid()}}; Path=/content-security-policy/style-src/ +Content-Security-Policy: style-src 'sha256-rB6kiow2O3eFUeTNyyLeK3wV0+l7vNB90J1aqllKvjg='; script-src 'unsafe-inline' 'self'; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} +Content-Security-Policy: style-src 'sha384-DAShdG5sejEaOdWfT+TQMRP5mHssKiUNjFggNnElIvIoj048XQlacVRs+za2AM1a'; script-src 'unsafe-inline' 'self'; report-uri /reporting/resources/report.py?op=put&reportID={{$id}} |