chromium/third_party/blink/web_tests/http/tests/security/isolatedWorld/isolated-world-location-csp.html

<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-eval'">
<script src="resources/isolated-world-location-csp.js"></script>
</head>
<body id="body">
    <iframe id="test-frame"></iframe>
    <p>
        This tests the isolated world CSP and its implications on changing the
        window location to Javascript urls.
    </p>
</body>
</html>