chromium/src/third_party/blink/web_tests/external/wpt/content-security-policy/frame-src/frame-src-same-document.sub.html - manifest_repos/chromium_src - Git at Google

 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <html>
 <body></body>
 <script>
     let crossOriginUrl =
       "http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/frame-src/support/frame.html";

     promise_test(async test => {
       let iframe = document.createElement("iframe");
       document.body.appendChild(iframe);

       for(let hash of ["#0", "#1"]) {
         let violation = new Promise(resolve => {
           window.addEventListener('securitypolicyviolation', resolve);
         });
         iframe.src = crossOriginUrl + hash;
         await violation;
       }
     }, "Same-document navigation in an iframe blocked by CSP frame-src");
 </script>
 </html>
	<script src="/resources/testharness.js"></script>
	<script src="/resources/testharnessreport.js"></script>
	<html>
	<body></body>
	<script>
	let crossOriginUrl =
	"http://www1.{{host}}:{{ports[http][0]}}/content-security-policy/frame-src/support/frame.html";

	promise_test(async test => {
	let iframe = document.createElement("iframe");
	document.body.appendChild(iframe);

	for(let hash of ["#0", "#1"]) {
	let violation = new Promise(resolve => {
	window.addEventListener('securitypolicyviolation', resolve);
	});
	iframe.src = crossOriginUrl + hash;
	await violation;
	}
	}, "Same-document navigation in an iframe blocked by CSP frame-src");
	</script>
	</html>