Google Git
Sign in
nest-open-source / manifest_repos / chromium_src / 1389d67935ffbffe8a70c1fa06867f6cf7ecf464 / . / chromium / src / third_party / blink / web_tests / http / tests / security / isolatedWorld / bypass-main-world-csp-for-inline-script-expected.txt
blob: 9d4a08bce365b36ca73a343fc1dd76b55b7d17ab [file] [log] [blame]
CONSOLE MESSAGE: line 67: Injecting in main world: this should fail.
CONSOLE ERROR: line 18: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-09Et/dqtUwF1zPoVDKo5ZDj2NUXqkLUxcQfh9UtQQt0='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: line 26: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: line 38: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-/zNPOvYKSO49DBmlcgq0Kw1mbrAMhEU0Olki2JQCDME='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE MESSAGE: line 71: Injecting into isolated world without bypass: this should fail.
CONSOLE ERROR: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-weyW8ZEkQAD8it2iIcRJESCAdVG/APiGxF6JYEqMvKo='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-pB86azbmdo0Ymgsz9MvuZe0osiEViwXGte4Z0AtHPXs='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE MESSAGE: line 81: Allowing unsafe-inline for the isolated world: this should pass!
CONSOLE MESSAGE: EXECUTED in isolated world.
CONSOLE ERROR: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE MESSAGE: Executed using document.write in isolated world. Is main world: true
CONSOLE MESSAGE: line 88: Disallowing unsafe-inline for the isolated world.
CONSOLE ERROR: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-weyW8ZEkQAD8it2iIcRJESCAdVG/APiGxF6JYEqMvKo='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-pB86azbmdo0Ymgsz9MvuZe0osiEViwXGte4Z0AtHPXs='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE MESSAGE: line 94: Using an empty CSP for the isolated world. This should pass.
CONSOLE MESSAGE: EXECUTED in isolated world.
CONSOLE ERROR: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE MESSAGE: Executed using document.write in isolated world. Is main world: true
CONSOLE MESSAGE: line 100: Injecting into main world again: this should fail.
CONSOLE ERROR: line 18: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-09Et/dqtUwF1zPoVDKo5ZDj2NUXqkLUxcQfh9UtQQt0='), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: line 26: Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.
CONSOLE ERROR: line 38: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-/zNPOvYKSO49DBmlcgq0Kw1mbrAMhEU0Olki2JQCDME='), or a nonce ('nonce-...') is required to enable inline execution.
This tests the behavior of inline scripts in isolated worlds and its interaction with the page and isolated world CSP.