diff --git a/testing/web-platform/meta/MANIFEST.json b/testing/web-platform/meta/MANIFEST.json
index 460e2536aa3c..33a0f21afeb5 100644
--- a/testing/web-platform/meta/MANIFEST.json
+++ b/testing/web-platform/meta/MANIFEST.json
@@ -216848,6 +216848,11 @@
{}
]
],
+ "content-security-policy/unsafe-hashes/support/child_window_location_navigate.sub.html": [
+ [
+ {}
+ ]
+ ],
"cookie-store/META.yml": [
[
{}
@@ -313448,9 +313453,9 @@
{}
]
],
- "content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html": [
+ "content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html": [
[
- "/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html",
+ "/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html",
{}
]
],
@@ -315332,21 +315337,111 @@
{}
]
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html": [
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-href.html": [
[
- "/content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html",
+ "/content-security-policy/unsafe-hashes/javascript_src_allowed-href.html",
{}
]
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html": [
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html": [
[
- "/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html",
+ "/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html",
{}
]
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html": [
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html": [
[
- "/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html",
+ "/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html": [
+ [
+ "/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_allowed.html": [
+ [
+ "/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html": [
+ [
+ "/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html": [
+ [
+ "/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_allowed.html": [
+ [
+ "/content-security-policy/unsafe-hashes/style_attribute_allowed.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html": [
+ [
+ "/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html",
+ {}
+ ]
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html": [
+ [
+ "/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html",
{}
]
],
@@ -437667,8 +437762,8 @@
"8d1a3cb1754e08585851553defc828f424e3f402",
"testharness"
],
- "content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html": [
- "f6888b5ea15ed20082ff9b2d323af0a495b9fe56",
+ "content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html": [
+ "221c608dd2ac6af81550ca6211c20a90e9f45dad",
"testharness"
],
"content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html": [
@@ -439679,18 +439774,82 @@
"2676e375c60899dbd2281b49e01e82e1b3d9451e",
"testharness"
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html": [
- "3dac897440d3bcca283c606c51d23a9d37c66a62",
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-href.html": [
+ "2bd3fb3fae8a5bc7a25d17670b47327b8584a88c",
"testharness"
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html": [
- "2864ff4485ab5fee87000898cba6c9d786586684",
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html": [
+ "349baa33e86ccd020758817ef25503f6b5dddaa1",
"testharness"
],
- "content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html": [
- "d4f78683e9e76a341134c34be726d435d113b71b",
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html": [
+ "979110bfd5000798d635d3ccdd44acfcdcec8e0d",
"testharness"
],
+ "content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html": [
+ "1f6ce394551c57a521ce8df202cce59d8b27b0a0",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html": [
+ "8ebd1793dfc9ef510e0c78e19e02719e2a30f526",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html": [
+ "a8a9080c1a1f7c26c1b30e9d43e13f53f4576360",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html": [
+ "4ac5fac6f6c58c8c172ed02594d73f631799cf7a",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html": [
+ "f62182571c99ce20bdb7ff7c94592355a6b41743",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html": [
+ "5cefbd1b0017f318ea83b77e4766b0ed4b4295dd",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html": [
+ "4c12e6e13a95ad4fd6222d93427a48257f3a0b77",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html": [
+ "401d00812bcb6aee37f5779f2794ecbb6792a7dc",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html": [
+ "20348d6da0ecdb7f5295bc704191cd217dd726b6",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_allowed.html": [
+ "e8e57afe913c38d603d1e7256412b33a1b333004",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html": [
+ "9e80d3eb04bb86ea53eb8cce065490550fd19e79",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html": [
+ "76831255a317844b60de42cb137ddbef52aa81b9",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_allowed.html": [
+ "02676f3fe19f2da59f166f2a7be071a4071615c6",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html": [
+ "759d2d1ba03562cce5a4c24327e0cd63fe297cd5",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html": [
+ "6cc4455b0d5afa4c23ee5e8eb0c33969149fd36c",
+ "testharness"
+ ],
+ "content-security-policy/unsafe-hashes/support/child_window_location_navigate.sub.html": [
+ "02990045a9427bfb19b439bb0691d0a5ed56453a",
+ "support"
+ ],
"content-security-policy/worker-src/dedicated-child.sub.html": [
"fb394b266d3c21a44d7f0edfbbcc5d5ff31e8b6f",
"testharness"
@@ -588560,11 +588719,11 @@
"testharness"
],
"html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html": [
- "d49f673f10045316bf897ded5d0cd24ab3933a5b",
+ "fd4a01519ff3b522b95b5b5f81a2c9f5f6672e49",
"testharness"
],
"html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html": [
- "2566b1d80cd2617c62667c300fe9568a640fe1a5",
+ "0ee0b781ac22fc0382f51ac4aae6087536dd42d4",
"testharness"
],
"html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-of-promise-result.html": [
diff --git a/testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html b/testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html
similarity index 70%
rename from testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html
rename to testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html
index 889210c253a0..2d5fa1574a16 100644
--- a/testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashed_attributes.html
+++ b/testing/web-platform/tests/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html
@@ -1,7 +1,7 @@
-Embedded Enforcement: Subsumption Algorithm - 'unsafe-hashed-attributes' keyword.
+Embedded Enforcement: Subsumption Algorithm - 'unsafe-hashes' keyword.
@@ -9,36 +9,36 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html
new file mode 100644
index 000000000000..30d05ee04f5c
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html
@@ -0,0 +1,26 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html
new file mode 100644
index 000000000000..7dfb7b572f97
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html
@@ -0,0 +1,27 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html
new file mode 100644
index 000000000000..970290e3f6f8
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html
new file mode 100644
index 000000000000..f53a2e924c34
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html
new file mode 100644
index 000000000000..6b9f60ce368d
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html
new file mode 100644
index 000000000000..c014bd1554a8
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html
@@ -0,0 +1,27 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html
new file mode 100644
index 000000000000..3667f8016fa9
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html
@@ -0,0 +1,30 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html
new file mode 100644
index 000000000000..adae81b0c061
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html
new file mode 100644
index 000000000000..470283e10be3
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html
new file mode 100644
index 000000000000..cfb8d6b958e0
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html
@@ -0,0 +1,27 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html
new file mode 100644
index 000000000000..8314e6ab911e
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html
@@ -0,0 +1,30 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html
similarity index 80%
rename from testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html
rename to testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html
index 17f19384dad1..cd7855998faa 100644
--- a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_allowed.html
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html
@@ -2,8 +2,8 @@
-
- Event handlers should be allowed if a matching hash and 'unsafe-hashed-attributes' are present
+
+ Event handlers should be allowed if a matching hash and 'unsafe-hashes' are present
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html
similarity index 94%
rename from testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html
rename to testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html
index 1dae30cbbdd6..0323dda50b7b 100644
--- a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_matching_hash_no_unsafe_inline_attribute.html
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html
@@ -3,7 +3,7 @@
- Event handlers should not be allowed if a matching hash is present without 'unsafe-hashed-attributes'
+ Event handlers should not be allowed if a matching hash is present without 'unsafe-hashes'
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html
similarity index 91%
rename from testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html
rename to testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html
index 993ed550d4e7..b9b13572c3ba 100644
--- a/testing/web-platform/tests/content-security-policy/unsafe-hashed-attributes/script_event_handlers_denied_not_matching_hash.html
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html
@@ -2,7 +2,7 @@
-
+
Event handlers should be not allowed if a matching hash is not present
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_allowed.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_allowed.html
new file mode 100644
index 000000000000..69657efda7e1
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_allowed.html
@@ -0,0 +1,31 @@
+
+
+
+
+
+
+ Event handlers should be allowed if a matching hash and 'unsafe-hashes' are present
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html
new file mode 100644
index 000000000000..66be2c3d8072
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+ Event handlers should be allowed if a matching hash and 'unsafe-hashes' are present
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html
new file mode 100644
index 000000000000..32ca66a8a8b8
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+ Event handlers should be allowed if a matching hash and 'unsafe-hashes' are present
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/content-security-policy/unsafe-hashes/support/child_window_location_navigate.sub.html b/testing/web-platform/tests/content-security-policy/unsafe-hashes/support/child_window_location_navigate.sub.html
new file mode 100644
index 000000000000..b6e60467b648
--- /dev/null
+++ b/testing/web-platform/tests/content-security-policy/unsafe-hashes/support/child_window_location_navigate.sub.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html
index 6191827e234e..33714c70ca60 100644
--- a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html
+++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-classic.html
@@ -3,7 +3,7 @@
import() inside compiled strings uses the appropriate nonce inside a classic script
-
+
@@ -74,7 +74,7 @@ promise_test(t => {
const promise = createTestPromise(t);
- // This only works because of the 'unsafe-hashed-attributes' and the hash in the CSP policy
+ // This only works because of the 'unsafe-hashes' and the hash in the CSP policy
dummyDiv.setAttribute(
"onclick",
`import('../imports-a.js?label=reflected inline event handlers').then(window.continueTest, window.errorTest)`
@@ -91,7 +91,7 @@ promise_test(t => {
const promise = createTestPromise(t);
- // This only works because of the 'unsafe-hashed-attributes' and the hash in the CSP policy
+ // This only works because of the 'unsafe-hashes' and the hash in the CSP policy
dummyDiv.setAttribute(
"onclick",
`import('../imports-a.js?label=inline event handlers triggered via UA code').then(window.continueTest, window.errorTest)`
diff --git a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html
index 3e09dd6d4b9b..9411acd2a07b 100644
--- a/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html
+++ b/testing/web-platform/tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/string-compilation-nonce-module.html
@@ -3,7 +3,7 @@
import() inside compiled strings uses the appropriate nonce inside a module script
-
+
@@ -73,7 +73,7 @@ promise_test(t => {
const promise = createTestPromise(t);
- // This only works because of the 'unsafe-hashed-attributes' and the hash in the CSP policy
+ // This only works because of the 'unsafe-hashes' and the hash in the CSP policy
dummyDiv.setAttribute(
"onclick",
`import('../imports-a.js?label=reflected inline event handlers').then(window.continueTest, window.errorTest)`
@@ -90,7 +90,7 @@ promise_test(t => {
const promise = createTestPromise(t);
- // This only works because of the 'unsafe-hashed-attributes' and the hash in the CSP policy
+ // This only works because of the 'unsafe-hashes' and the hash in the CSP policy
dummyDiv.setAttribute(
"onclick",
`import('../imports-a.js?label=inline event handlers triggered via UA code').then(window.continueTest, window.errorTest)`