1 files changed, 42 insertions, 0 deletions

diff --git a/testing/web-platform/tests/content-security-policy/blink-contrib-2/scripthash-allowed.sub.html b/testing/web-platform/tests/content-security-policy/blink-contrib-2/scripthash-allowed.sub.html
new file mode 100644
index 000000000..a7a217448
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/blink-contrib-2/scripthash-allowed.sub.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+    <!-- Programmatically converted from a WebKit Reftest, please forgive resulting idiosyncracies.-->
+    <title>scripthash-allowed</title>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/content-security-policy/support/alertAssert.sub.js?alerts=%5B%22PASS%20(1%2F4)%22%2C%22PASS%20(2%2F4)%22%2C%22PASS%20(3%2F4)%22%2C%22PASS%20(4%2F4)%22%5D">
+
+
+    </script>
+    <!-- enforcing policy:
+script-src 'self' 'sha256-IFmozo9WnnsMXVl/Ka8XzJ3Nd8yzS2zA2ME0mwtd+Ck=' 'sha256-jSpTmJKcrnHttKdYM/wCCDJoQY5tdSxNf7zd2prwFfI=' 'sha256-qbgA2XjB2EZKjn/UmK7v/K77t+fvfxA89QT/K9qPNyE=' 'sha256-K+7X5Ip3msvRvyQzf6fkrWZziuhaUIee1aLnlP5nX10='; connect-src 'self';
+-->
+    <script>
+        alert_assert('PASS (1/4)');
+
+    </script>
+    <script>
+        alert_assert('PASS (2/4)');
+
+    </script>
+    <script>
+        alert_assert('PASS (3/4)');
+
+    </script>
+    <script>
+        alert_assert('PASS (4/4)');
+
+    </script>
+</head>
+
+<body>
+    <p>
+        This tests the effect of a valid script-hash value. It passes if no CSP violation is generated, and the alert_assert() is executed.
+    </p>
+    <div id="log"></div>
+    <script async defer src="../support/checkReport.sub.js?reportExists=false"></script>
+</body>
+
+</html>