<!DOCTYPE html>
<title>script-src allows Wasm execution</title>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline';">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script>
setup({allow_uncaught_exception: true});
const test_load = async_test(
"Importing a WebAssembly module should be allowed by script-src CSP.");
window.log = [];
document.addEventListener("securitypolicyviolation", (e) => {
window.log.push(e.violatedDirective);
});
window.addEventListener("load", test_load.step_func_done(ev => {
assert_array_equals(log, ["executed"]);
}));
</script>
<script type="module" src="./resources/execute-start.wasm"></script>
Codebase Browser
chromium