chromium/third_party/blink/web_tests/http/tests/security/isolatedWorld/no-bypass-main-world-csp-for-delayed-execution.html

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Security-Policy" content="script-src 'self'">
    <script src="./resources/no-bypass-main-world-csp-for-delayed-execution.js"></script>
</head>
<body>
    <p>
        Test a script that bypasses the main world's CSP to see if its
        *content* bypasses the main world as well (it should not).
    </p>
</body>
</html>