LayoutTests/http/tests/security/contentSecurityPolicy/strict-dynamic-mixed-order-unsafe-inline.html - WebKit - Git at Google

 <!DOCTYPE html>
 <html>
 <head>
     <meta http-equiv="Content-Security-Policy" content="script-src 'strict-dynamic' 'unsafe-inline' 'nonce-dummy'">
         <script src="/js-test-resources/testharness.js" nonce='dummy'></script>
         <script src="/js-test-resources/testharnessreport.js" nonce='dummy'></script>
 </head>
 <body>
     <script nonce='dummy'>
         async_test(function(t) {
             window.addEventListener('securitypolicyviolation', t.step_func_done(function(e) {
                 assert_equals(e.effectiveDirective, 'script-src-elem');
             }));
         }, 'All the expected CSP violation reports have been fired.');
     </script>
     <script nonce='wrong'>
         assert_unreached('Inline script with an incorrect nonce should not be executed.');
     </script>
 </body>
 </html>
	<!DOCTYPE html>
	<html>
	<head>
	<meta http-equiv="Content-Security-Policy" content="script-src 'strict-dynamic' 'unsafe-inline' 'nonce-dummy'">
	<script src="/js-test-resources/testharness.js" nonce='dummy'></script>
	<script src="/js-test-resources/testharnessreport.js" nonce='dummy'></script>
	</head>
	<body>
	<script nonce='dummy'>
	async_test(function(t) {
	window.addEventListener('securitypolicyviolation', t.step_func_done(function(e) {
	assert_equals(e.effectiveDirective, 'script-src-elem');
	}));
	}, 'All the expected CSP violation reports have been fired.');
	</script>
	<script nonce='wrong'>
	assert_unreached('Inline script with an incorrect nonce should not be executed.');
	</script>
	</body>
	</html>