Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/inspector-protocol/resources/content-security-policy-issue-inline-script.php 

<?php
header("Content-Security-Policy: script-src 'self';");
?>
<!DOCTYPE html>
<html>
  <body>
    <h2>Webpage with not allowed inline &lt;script&gt;</h2>

    <script>alert('Hello World!')</script>
  </body>
</html>