Codebase Browser
chromium
Go to App

chromium/third_party/blink/web_tests/http/tests/security/contentTypeOptions/nosniff-script-allowed.html 

<!DOCTYPE html>
<html>
<head>
    <title>'X-Content-Type-Options: nosniff;' allows scripts!</title>
<body>
    <script src="/js-test-resources/js-test.js"></script>
    <script>
        description('Check that script sent with an \'X-Content-Type-Options: nosniff\' header is correctly allowed if the MIME type is scripty.');
        window.jsTestIsAsync = true;

        var scriptyMimeTypes = [
            "text/javascript1.1",
            "text/javascript1.2",
            "text/javascript1.3",
            "text/livescript",
            'application/ecmascript',
            'application/javascript',
            'application/x-javascript',
            'text/ecmascript',
            'text/javascript',
            'text/jscript',
        ];

        window.scriptsSuccessfullyLoaded = 0;

        for (var i = 0; i < scriptyMimeTypes.length; i++) {
            document.write('<script src="./resources/script-with-header.pl?mime=' + scriptyMimeTypes[i] + '"><' + '/script>');
        }

        window.onload = function () {
            shouldBe('window.scriptsSuccessfullyLoaded', 'scriptyMimeTypes.length');
            finishJSTest();
        };
    </script>
</body>
</html>