diff options
author | Michał Gołębiowski-Owczarek <m.goleb@gmail.com> | 2019-01-14 19:29:54 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-14 19:29:54 +0100 |
commit | c7c2855ed13f23322c4064407c1ed84561b95738 (patch) | |
tree | 0bae25a4dd554f3066fdc1df65ecf6ea43d81752 /test/middleware-mockserver.js | |
parent | 9cb162f6b62b6d4403060a0f0d2065d3ae96bbcc (diff) | |
download | jquery-c7c2855ed13f23322c4064407c1ed84561b95738.tar.gz jquery-c7c2855ed13f23322c4064407c1ed84561b95738.zip |
Core: Preserve CSP nonce on scripts in DOM manipulation
Fixes gh-3541
Closes gh-4269
Diffstat (limited to 'test/middleware-mockserver.js')
-rw-r--r-- | test/middleware-mockserver.js | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/test/middleware-mockserver.js b/test/middleware-mockserver.js index 09371bbe9..feed28148 100644 --- a/test/middleware-mockserver.js +++ b/test/middleware-mockserver.js @@ -207,6 +207,14 @@ var mocks = { var body = fs.readFileSync( __dirname + "/data/csp.include.html" ).toString(); resp.end( body ); }, + cspNonce: function( req, resp ) { + resp.writeHead( 200, { + "Content-Type": "text/html", + "Content-Security-Policy": "script-src 'nonce-jquery+hardcoded+nonce'; report-uri /base/test/data/mock.php?action=cspLog" + } ); + var body = fs.readFileSync( __dirname + "/data/csp-nonce.html" ).toString(); + resp.end( body ); + }, cspLog: function( req, resp ) { cspLog = "error"; resp.writeHead( 200 ); |