<!DOCTYPE html> | |
<head> | |
<title>Disable eval when serving CSP test</title> | |
<script src='black_box_js_test_utils.js'></script> | |
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; | |
script-src 'unsafe-inline';" /> | |
</head> | |
<body> | |
<h1> | |
<span>ID element</span> | |
</h1> | |
<script> | |
document.addEventListener("securitypolicyviolation", (e) => { | |
onEndTest(); | |
}); | |
eval('1+3') | |
</script> | |
</body> |