Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed.html 

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Security-Policy" content="script-src 'sha256-dtd66nJYXaogvBFTtscKFC1m4uN0ZkQs14XI+D4yt24=' 'sha256-j+ToFnhur5mTSCwoyy4Fh29+1BNMVEZ0MBvG5db0dA4=' 'sha384-S/1WrU/8y14JzSAhjkxjd8sZLP10LDlHuH8Mi24OwMNJ6wSry7J8ln0KeaibHHBW' 'sha512-0tQJUSPHRGUYQIa2ByQWZSlUa5sI3e2tOEXF7sg5mjmsHk/EHDTTORIDyMPhDKgCmdYdb7TIrwhLrq2kEvfjHQ=='">
        <script>
            if (window.testRunner)
                testRunner.dumpAsText();
            alert('PASS (1/4)');
        </script>
        <script>
            alert('PASS (2/4)');
        </script>
        <script>
            alert('PASS (3/4)');
        </script>
        <script>
            alert('PASS (4/4)');
        </script>
    </head>
    <body>
        <p>
            This tests the effect of a valid script-hash value. It passes if no
            console warning is visible, and the alert() is executed.
        </p>
    </body>
</html>