| <!doctype html> |
| <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline'"> |
| <script src="/resources/testharness.js"></script> |
| <script src="/resources/testharnessreport.js"></script> |
| <script> |
| async_test(t => { |
| var watcher = new EventWatcher(t, document, 'securitypolicyviolation'); |
| watcher.wait_for('securitypolicyviolation').then(t.step_func_done(e => { |
| assert_equals(e.blockedURI, "eval"); |
| assert_equals(e.lineNumber, 15); |
| assert_equals(e.columnNumber, 12); |
| })); |
| |
| try { |
| eval("assert_unreached('eval() should be blocked."); |
| } catch (e) { |
| assert_equals(e.name, 'EvalError'); |
| } |
| }, "Eval violations have a blockedURI of 'eval'"); |
| </script> |