Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/source-list-parsing-06.html 

<!DOCTYPE html>
<html>
<head>
<script src='resources/multiple-iframe-test.js'></script>
<script>
var tests = [
    ['yes', 'script-src http://127.0.0.1:*/', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:*/path', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:*/path?query=string', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:*/path#anchor', 'resources/script.js'],
    ['yes', 'script-src http://127.0.0.1:8000/', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:8000/path', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:8000/path?query=string', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:8000/path#anchor', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:8000/thisisa;pathwithasemicolon', 'resources/script.js'],
    ['no', 'script-src http://127.0.0.1:8000/this is a path with spaces', 'resources/script.js'],
];
</script>
</head>
<body onload="test()">
  <p>
    Paths should be ignored when evaluating sources. This test passes if FAIL
    does not appear in the output, and each of the tests generates a warning
    about the path component.
  </p>