<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'sha256-hW5xR0AXJuB1wVNtq47Nluq/EXiQSC6QluHBVF3emOM=' 'sha256-n8xN1Y8E6rPXuE8Iv++3Y3Smm6W4OGH6gqfZV7H8F1E=' 'nonce-nonceynonce'">
<script nonce="nonceynonce">
if (window.testRunner)
testRunner.dumpAsText();
alert('PASS (1/3)');
</script>
<script>
alert('PASS (2/3)');
</script>
<script nonce="nonceynonce">
alert('PASS (3/3)');
</script>
<script>
alert('FAIL (1/2)');
</script>
<script nonce="notanonce">
alert('FAIL (2/2)');
</script>
</head>
<body>
<p>
This tests the combined use of script hash and script nonce. It
passes if two console warnings are visible and the three alerts show
PASS.
</p>
</body>
</html>
Codebase Browser
chromium