diff --git a/csp/CSP_1_1.php b/csp/CSP_1_1.php
new file mode 100755
index 00000000000000..c791386f686ea0
--- /dev/null
+++ b/csp/CSP_1_1.php
@@ -0,0 +1,66 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_10.php b/csp/CSP_1_10.php
new file mode 100755
index 00000000000000..39e7700ee309fe
--- /dev/null
+++ b/csp/CSP_1_10.php
@@ -0,0 +1,64 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_10_1.php b/csp/CSP_1_10_1.php
new file mode 100755
index 00000000000000..6047f50f4d19ed
--- /dev/null
+++ b/csp/CSP_1_10_1.php
@@ -0,0 +1,56 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_2.php b/csp/CSP_1_2.php
new file mode 100755
index 00000000000000..73725f66c19952
--- /dev/null
+++ b/csp/CSP_1_2.php
@@ -0,0 +1,66 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_2_1.php b/csp/CSP_1_2_1.php
new file mode 100755
index 00000000000000..e2745c01e4f383
--- /dev/null
+++ b/csp/CSP_1_2_1.php
@@ -0,0 +1,72 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_2_4.php b/csp/CSP_1_2_4.php
new file mode 100755
index 00000000000000..166c31c4951317
--- /dev/null
+++ b/csp/CSP_1_2_4.php
@@ -0,0 +1,46 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_2_4_inner.php b/csp/CSP_1_2_4_inner.php
new file mode 100755
index 00000000000000..f17713cc976684
--- /dev/null
+++ b/csp/CSP_1_2_4_inner.php
@@ -0,0 +1,58 @@
+
+
+EOXMLD;
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_3.php b/csp/CSP_1_3.php
new file mode 100755
index 00000000000000..a31efc1ce14139
--- /dev/null
+++ b/csp/CSP_1_3.php
@@ -0,0 +1,63 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_4.php b/csp/CSP_1_4.php
new file mode 100755
index 00000000000000..6302ddb929f35f
--- /dev/null
+++ b/csp/CSP_1_4.php
@@ -0,0 +1,68 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_4_1.php b/csp/CSP_1_4_1.php
new file mode 100755
index 00000000000000..aca9892482d0a6
--- /dev/null
+++ b/csp/CSP_1_4_1.php
@@ -0,0 +1,72 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_4_2.php b/csp/CSP_1_4_2.php
new file mode 100755
index 00000000000000..2e054e6061bc81
--- /dev/null
+++ b/csp/CSP_1_4_2.php
@@ -0,0 +1,71 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_5.php b/csp/CSP_1_5.php
new file mode 100755
index 00000000000000..9836b70f56c99d
--- /dev/null
+++ b/csp/CSP_1_5.php
@@ -0,0 +1,66 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_6.php b/csp/CSP_1_6.php
new file mode 100755
index 00000000000000..a23de6128ce229
--- /dev/null
+++ b/csp/CSP_1_6.php
@@ -0,0 +1,67 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/CSP_1_7.php b/csp/CSP_1_7.php
new file mode 100755
index 00000000000000..d6517cc83dfd4f
--- /dev/null
+++ b/csp/CSP_1_7.php
@@ -0,0 +1,49 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Click here. If you see a popup, the test has failed.
+
+
+
diff --git a/csp/CSP_ExampleTest.php b/csp/CSP_ExampleTest.php
new file mode 100755
index 00000000000000..67b72ed01bba33
--- /dev/null
+++ b/csp/CSP_ExampleTest.php
@@ -0,0 +1,66 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/MANIFEST b/csp/MANIFEST
new file mode 100644
index 00000000000000..5b3ade4f0cfb7b
--- /dev/null
+++ b/csp/MANIFEST
@@ -0,0 +1,15 @@
+support support/clearCookies.html
+CSP_1_1.php
+CSP_1_2.php
+CSP_1_2_1.php
+CSP_1_2_4.php
+CSP_1_3.php
+CSP_1_4.php
+CSP_1_4_1.php
+CSP_1_4_2.php
+CSP_1_5.php
+CSP_1_6.php
+CSP_1_10.php
+CSP_1_10_1.php
+manual CSP_1_7.php
+support support/clearCookies.html
diff --git a/csp/support/.checkReportFieldHtml.php.swp b/csp/support/.checkReportFieldHtml.php.swp
new file mode 100644
index 00000000000000..f4f64660145121
Binary files /dev/null and b/csp/support/.checkReportFieldHtml.php.swp differ
diff --git a/csp/support/addInlineTestsWithDOMManipulation.js b/csp/support/addInlineTestsWithDOMManipulation.js
new file mode 100644
index 00000000000000..2650b347bc95ef
--- /dev/null
+++ b/csp/support/addInlineTestsWithDOMManipulation.js
@@ -0,0 +1,22 @@
+(function ()
+{
+ var attachPoint = document.getElementById('attachHere');
+
+ var inlineScript = document.createElement('script');
+ var scriptText = document.createTextNode('test(function() {assert_false(true, "Unsafe inline script ran - createTextNode.")});');
+
+ inlineScript.appendChild(scriptText);
+
+ attachPoint.appendChild(inlineScript);
+
+ document.getElementById('emptyScript').innerHTML = 'test(function() {assert_false(true, "Unsafe inline script ran - innerHTML.")});';
+
+ // Note, this doesn't execute in Chrome 27 even without CSP.
+ document.getElementById('emptyDiv').outerHTML = '';
+
+
+ document.write('');
+ document.writeln('');
+
+
+})();
diff --git a/csp/support/checkReportFieldHtml.php b/csp/support/checkReportFieldHtml.php
new file mode 100644
index 00000000000000..2eb4fe095d7150
--- /dev/null
+++ b/csp/support/checkReportFieldHtml.php
@@ -0,0 +1,22 @@
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/support/checkReportFieldJs.php b/csp/support/checkReportFieldJs.php
new file mode 100644
index 00000000000000..7500277a6693e9
--- /dev/null
+++ b/csp/support/checkReportFieldJs.php
@@ -0,0 +1,63 @@
+
+
+(function ()
+{
+ function createCookie(name,value,days) {
+ if (days) {
+ var date = new Date();
+ date.setTime(date.getTime()+(days*24*60*60*1000));
+ var expires = "; expires="+date.toGMTString();
+ }
+ else var expires = "";
+ document.cookie = name+"="+value+expires+"; path=/";
+}
+
+ function readCookie(name) {
+ var nameEQ = name + "=";
+ var ca = document.cookie.split(';');
+ for(var i=0;i < ca.length;i++) {
+ var c = ca[i];
+ while (c.charAt(0)==' ') c = c.substring(1,c.length);
+ if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
+ undefined}
+ return null;
+}
+
+ function eraseCookie(name) {
+ createCookie(name,"",-1);
+}
+
+function reportdecode (str) {
+
+ if(str!= null){ str = str.replace(/"/g, '$'); }
+
+ return decodeURIComponent((str + '').replace(/\+/g, '%20'));
+}
+ test(function() {
+
+ var x = reportdecode(readCookie());
+ eraseCookie();
+
+ report = JSON.parse(x);
+
+ assert_false(report === null, "Report not sent.");
+ assert_equals(report['csp-report'][],);
+
+}, "Verify report contents.");
+
+})();
+
diff --git a/csp/support/clearCookies.html b/csp/support/clearCookies.html
new file mode 100644
index 00000000000000..453efc0e55a717
--- /dev/null
+++ b/csp/support/clearCookies.html
@@ -0,0 +1,12 @@
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/support/evalSuccess.php b/csp/support/evalSuccess.php
new file mode 100755
index 00000000000000..bca9b4e8511831
--- /dev/null
+++ b/csp/support/evalSuccess.php
@@ -0,0 +1,7 @@
+
+(function ()
+{
+ eval('test(function() {assert_true(true)}, "Generic positive signal that test suite is working...");');
+})()
diff --git a/csp/support/fail.php b/csp/support/fail.php
new file mode 100755
index 00000000000000..3120504f6a8fcb
--- /dev/null
+++ b/csp/support/fail.php
@@ -0,0 +1,7 @@
+
+(function ()
+{
+ test(function() {assert_true(false)}, "Script should not execute from "+document.location);
+})()
diff --git a/csp/support/loadRetargeted.php b/csp/support/loadRetargeted.php
new file mode 100755
index 00000000000000..bc319078121708
--- /dev/null
+++ b/csp/support/loadRetargeted.php
@@ -0,0 +1,37 @@
+
+(function ()
+{
+ var attachPoint = document.getElementById();
+
+ var newElem = document.createElement();
+
+
+ var newSrc = "";
+
+ newSrc += ;
+ newSrc += "//";
+ newSrc += ;
+ newSrc += ;
+
+ pathComponents = window.location.pathname.split('/');
+ for(var i = 0; i < pathComponents.length - 1; i++)
+ {
+ newSrc += pathComponents[i] + "/";
+ }
+
+ newSrc += "";
+
+ newElem.src = newSrc;
+
+ attachPoint.appendChild(newElem);
+
+
+})()
diff --git a/csp/support/setReportAsCookie.php b/csp/support/setReportAsCookie.php
new file mode 100644
index 00000000000000..6b9cf119b4f90c
--- /dev/null
+++ b/csp/support/setReportAsCookie.php
@@ -0,0 +1,12 @@
+
diff --git a/csp/support/success.php b/csp/support/success.php
new file mode 100755
index 00000000000000..87c5ec99dd4a34
--- /dev/null
+++ b/csp/support/success.php
@@ -0,0 +1,7 @@
+
+(function ()
+{
+ test(function() {assert_true(true)}, "Generic positive signal that test suite is working...");
+})()
diff --git a/csp/support/test.xsl.php b/csp/support/test.xsl.php
new file mode 100644
index 00000000000000..ef1e2daa552361
--- /dev/null
+++ b/csp/support/test.xsl.php
@@ -0,0 +1,18 @@
+
+
+EOXML;
+?>
+
+
+
+
diff --git a/csp/support/verifyNoReportHtml.php b/csp/support/verifyNoReportHtml.php
new file mode 100644
index 00000000000000..6eb5dfa77d5def
--- /dev/null
+++ b/csp/support/verifyNoReportHtml.php
@@ -0,0 +1,22 @@
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/csp/support/verifyNoReportJs.php b/csp/support/verifyNoReportJs.php
new file mode 100644
index 00000000000000..0305eda814e9fc
--- /dev/null
+++ b/csp/support/verifyNoReportJs.php
@@ -0,0 +1,60 @@
+
+
+(function ()
+{
+
+ function readCookie(name) {
+ var nameEQ = name + "=";
+ var ca = document.cookie.split(';');
+ for(var i=0;i < ca.length;i++) {
+ var c = ca[i];
+ while (c.charAt(0)==' ') c = c.substring(1,c.length);
+ if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
+ undefined}
+ return null;
+}
+
+ function createCookie(name,value,days) {
+ if (days) {
+ var date = new Date();
+ date.setTime(date.getTime()+(days*24*60*60*1000));
+ var expires = "; expires="+date.toGMTString();
+ }
+ else var expires = "";
+ document.cookie = name+"="+value+expires+"; path=/";
+}
+
+ function eraseCookie(name) {
+ createCookie(name,"",-1);
+}
+
+function reportdecode (str) {
+
+ if(str!= null){ str = str.replace(/"/g, '$'); }
+
+ return decodeURIComponent((str + '').replace(/\+/g, '%20'));
+}
+ test(function() {
+
+ var x = reportdecode(readCookie());
+ assert_equals(x, "null");
+ eraseCookie();
+
+}, "Verified no report sent.");
+
+})();
+