diff --git a/content-security-policy/generic/304-response-should-update-csp.sub.html b/content-security-policy/generic/304-response-should-update-csp.sub.html
new file mode 100644
index 000000000000000..b16eadaedc07ca9
--- /dev/null
+++ b/content-security-policy/generic/304-response-should-update-csp.sub.html
@@ -0,0 +1,52 @@
+
+
+
+
+
+ Test that a 304 response will update the CSP header
+
+
+
+
+
+
diff --git a/content-security-policy/generic/support/304-response.py b/content-security-policy/generic/support/304-response.py
new file mode 100644
index 000000000000000..4980937eab7f7d0
--- /dev/null
+++ b/content-security-policy/generic/support/304-response.py
@@ -0,0 +1,33 @@
+def main(request, response):
+ if request.headers.get("If-None-Match"):
+ # we are now receing the second request, we will send back a different CSP
+ # with the 304 response
+ response.status = 304
+ headers = [("Content-Type", "text/html"),
+ ("Content-Security-Policy", "script-src 'nonce-def' 'sha256-IIB78ZS1RMMrAWpsLg/RrDbVPhI14rKm3sFOeKPYulw=';"),
+ ("Cache-Control", "private, max-age=0, must-revalidate"),
+ ("ETag", "123456")]
+ return headers, ""
+ else:
+ headers = [("Content-Type", "text/html"),
+ ("Content-Security-Policy", "script-src 'nonce-abc' 'sha256-IIB78ZS1RMMrAWpsLg/RrDbVPhI14rKm3sFOeKPYulw=';"),
+ ("Cache-Control", "private, max-age=0, must-revalidate"),
+ ("Etag", "123456")]
+ return headers, '''
+
+
+
+
+
+
+
+
+'''
diff --git a/fetch/http-cache/304-update.html b/fetch/http-cache/304-update.html
index f0bd82196e57b8e..d6d8481e8742781 100644
--- a/fetch/http-cache/304-update.html
+++ b/fetch/http-cache/304-update.html
@@ -120,6 +120,36 @@
}
]
},
+ {
+ name: "Content-* header",
+ requests: [
+ {
+ response_headers: [
+ ["Expires", -5000],
+ ["ETag", "GHI"],
+ ["Content-Test-Header", "A"]
+ ]
+ },
+ {
+ response_headers: [
+ ["Expires", 3000],
+ ["ETag", "GHI"],
+ ["Content-Test-Header", "B"]
+ ],
+ expected_type: "etag_validated",
+ expected_response_headers: [
+ ["Content-Test-Header", "B"]
+ ],
+ pause_after: true
+ },
+ {
+ expected_type: "cached",
+ expected_response_headers: [
+ ["Content-Test-Header", "B"]
+ ]
+ }
+ ]
+ },
];
run_tests(tests);