<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src 'self' 'unsafe-eval'">
<script src="resources/font-src-bypass.js"></script>
</head>
<body id="body">
<p>
This test ensures that scripts run in isolated worlds marked with their
own Content Security Policy aren't affected by the page's font-src
directive.
</p>
</body>
</html>
Codebase Browser
chromium