Some tests are now doing inline('<script>window.alert()</script>') which is rejected by the XSS auditor because the script source is part of the request URL.
Created attachment 327746 [details] Patch
Committed r225214: <https://trac.webkit.org/changeset/225214>
<rdar://problem/35721015>