[Trusted Types] Test that a policy rejection blocks eval.

Change-Id: I20ce9961645deb44bab857d69a1c641600646d65
Bug: 940927
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1911206
Commit-Queue: Stefano Sanfilippo <ssanfilippo@chromium.org>
Reviewed-by: Daniel Vogelheim <vogelheim@chromium.org>
Auto-Submit: Stefano Sanfilippo <ssanfilippo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#715230}

third_party/blink/web_tests/external/wpt/trusted-types/block-eval.tentative.html → third_party/blink/web_tests/external/wpt/trusted-types/csp-block-eval.tentative.html

@@ -10,11 +10,12 @@
 </head>
 <body>
 <script nonce="abc">
-  let p = createScript_policy(window, 1);
+  const p = createScript_policy(window, 1);
+
   test(t => {
     let a = 0;
     assert_throws(new EvalError(), _ => {
-      eval('a="hello there"')
+      eval('a="hello there"');
     });
     assert_equals(a, 0);
   }, "eval with plain string throws (both block).");

third_party/blink/web_tests/external/wpt/trusted-types/tt-block-eval.tentative.html

+<!DOCTYPE html>
+<html>
+<head>
+  <script src="/resources/testharness.js"></script>
+  <script src="/resources/testharnessreport.js"></script>
+  <meta http-equiv="Content-Security-Policy" content="trusted-types *">
+</head>
+<body>
+<script>
+  trustedTypes.createPolicy("default", {createScript: _ => null});
+
+  test(t => {
+    let a = 0;
+    assert_throws(new EvalError(), _ => {
+      eval('a="hello there"');
+    });
+    assert_equals(a, 0);
+  }, "eval blocks if the default policy rejects a value.");
+</script>