third_party/blink/web_tests/external/wpt/origin-policy/origin-policy-single-report.https.tentative.html - chromium/src - Git at Google

 <!DOCTYPE HTML>
 <html>
 <head>
   <script src='/resources/testharness.js'></script>
   <script src='/resources/testharnessreport.js'></script>
 </head>
 <body>
   <iframe id=frame></iframe>
   <script>
     async_test(t => {
       let violations = [];
       window.addEventListener("message", (e) => {
         violations.push(e);
         t.step_timeout(() => {
           assert_equals(violations.length, 1);
           t.done();
         });
       });

       let forbidden_image = "<img src=https://127.0.0.1:1234/bla.jpg>";
       let event_bouncer = "<script>document.addEventListener(" +
           "'securitypolicyviolation'," +
           "(e) => window.parent.postMessage(e.blockedURI, '*'));</sc" +
           "ript>";
       document.getElementById("frame").src =
         "data:text/html;charset=utf-8," + event_bouncer + forbidden_image;
     }, "Origin-Policy-based CSP violation should trigger 1 violation event");
   </script>
 </body>
 </html>
	<!DOCTYPE HTML>
	<html>
	<head>
	<script src='/resources/testharness.js'></script>
	<script src='/resources/testharnessreport.js'></script>
	</head>
	<body>
	<iframe id=frame></iframe>
	<script>
	async_test(t => {
	let violations = [];
	window.addEventListener("message", (e) => {
	violations.push(e);
	t.step_timeout(() => {
	assert_equals(violations.length, 1);
	t.done();
	});
	});

	let forbidden_image = "<img src=https://127.0.0.1:1234/bla.jpg>";
	let event_bouncer = "<script>document.addEventListener(" +
	"'securitypolicyviolation'," +
	"(e) => window.parent.postMessage(e.blockedURI, '*'));</sc" +
	"ript>";
	document.getElementById("frame").src =
	"data:text/html;charset=utf-8," + event_bouncer + forbidden_image;
	}, "Origin-Policy-based CSP violation should trigger 1 violation event");
	</script>
	</body>
	</html>