| ALERT: Running test #1 |
| ALERT: Isolated world with no CSP |
| CONSOLE ERROR: Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. |
| |
| ALERT: Running test #2 |
| ALERT: Isolated world with permissive CSP |
| ALERT: iframe javascript: src running |
| ALERT: Running test #3 |
| ALERT: Isolated world with strict CSP |
| CONSOLE ERROR: Refused to run the JavaScript URL because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. |
| |
| ALERT: Running test #4 |
| This test verifies the behavior of navigations to javascript urls in isolated worlds and its interaction with the isolated world CSP. |