| CONSOLE MESSAGE: The Content Security Policy 'script-src 'nonce-abc';' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. |
| CONSOLE MESSAGE: Refused to load http://localhost:8800/content-security-policy/script-src/externalScript.js because it does not appear in the script-src directive of the Content Security Policy. |
| CONSOLE MESSAGE: [Report Only] Refused to load http://localhost:8800/content-security-policy/script-src/externalScript.js because it does not appear in the script-src directive of the Content Security Policy. |
| CONSOLE MESSAGE: Refused to load http://localhost:8800/content-security-policy/script-src/externalScript.js because it does not appear in the script-src directive of the Content Security Policy. |
| CONSOLE MESSAGE: [Report Only] Refused to load http://localhost:8800/content-security-policy/script-src/externalScript.js because it does not appear in the script-src directive of the Content Security Policy. |
| |
| Harness Error (TIMEOUT), message = null |
| |
| NOTRUN Should fire securitypolicyviolation event |
| FAIL External script in a script tag with matching SRI hash should run. assert_true: External script ran. expected true got false |
| |