Function() called as a constructor should throw without 'unsafe-eval' script-src directive.

Summary

Harness status: OK

Found 2 tests

2 Pass

Details

Result

Test Name

Message

Pass

Test that securitypolicyviolation event is fired

Asserts run

Pass	assert_equals("script-src", "script-src") at Test.<anonymous> ( /content-security-policy/script-src/script-src-1_4_2.html:17:13)

Pass

Unsafe eval ran in Function() constructor.

Asserts run

Pass

assert_throws_js(function "function EvalError() { [native code] }", function "function() {                     var funq = new Function('');                     funq();         }")
    at Test.<anonymous> ( /content-security-policy/script-src/script-src-1_4_2.html:22:13)