CSP: Adding a test for appended script elements.

How did we not have a test for this? Crazy. BUG=429244 Review URL: https://codereview.chromium.org/701013004 git-svn-id: svn://svn.chromium.org/blink/trunk@184908 bbb929c8-8fbe-4397-9dbb-9b2b20218538

CSP: Adding a test for appended script elements.
How did we not have a test for this? Crazy. BUG=429244 Review URL: https://codereview.chromium.org/701013004 git-svn-id: svn://svn.chromium.org/blink/trunk@184908 bbb929c8-8fbe-4397-9dbb-9b2b20218538
118ee672 · mkwst@chromium.org · 08958580 · 118ee672 · 118ee672
Commit 118ee672 authored Nov 06, 2014 by mkwst@chromium.org
2 changed files
--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script-expected.txt
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script-expected.txt
+CONSOLE ERROR: Refused to load the script 'http://localhost:8000/security/contentSecurityPolicy/resources/script.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline'".
+
+PASS
--- a/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script.html
+++ b/third_party/WebKit/LayoutTests/http/tests/security/contentSecurityPolicy/script-src-appended-script.html
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="Content-Security-Policy" content="script-src 'unsafe-inline'">
+</head>
+<body>
+    <div id="result" text="FAIL">PASS</div>
+
+    <script>
+      if (window.testRunner)
+        testRunner.dumpAsText();
+      a=document.createElement('script');
+      a.src='http://localhost:8000/security/contentSecurityPolicy/resources/script.js';
+      document.body.appendChild(a);
+    </script>
+</body>
+</html>