Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/contentSecurityPolicy/source-list-parsing-none.html 

<!DOCTYPE html>
<html>
<head>
<script src='resources/multiple-iframe-test.js'></script>
<script>
var tests = [
    ['no', 'script-src \'none\'', 'resources/script.js'],
    ['no', 'script-src      \'none\'     ', 'resources/script.js'],
    ['yes', 'script-src \'none\' http://127.0.0.1:8000', 'resources/script.js'],
    ['yes', 'script-src http://127.0.0.1:8000 \'none\'', 'resources/script.js'],
    ['no', 'script-src \'none\' \'none\' \'none\'', 'resources/script.js'],
];
</script>
</head>
<body onload="test()">
    <p>'none' should be ignored in source lists, unless it is the only token.</p>
</body>