| <!DOCTYPE html> |
| <html> |
| <head> |
| <meta http-equiv="Content-Security-Policy" content="script-src 'nonce-noncynonce'"></meta> |
| </head> |
| <body> |
| Script preloaded: <span id='preloaded'>UNKNOWN</span><br> |
| <script nonce="noncynonce"> |
| if (window.internals) { |
| var preloaded = internals.isPreloaded("../resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/alert-pass.js"); |
| document.querySelector("#preloaded").innerText = preloaded ? "YES" : "NO"; |
| } |
| </script> |
| This tests whether a deferred script load caused by a redirect is properly allowed by a nonce. |
| <script nonce='noncynonce' src='../resources/redir.php?url=http://localhost:8000/security/contentSecurityPolicy/resources/alert-pass.js'></script> |
| <script nonce="noncynonce"> |
| if (window.testRunner) |
| testRunner.dumpAsText(); |
| </script> |
| </body> |
| </html> |