Does specifying a file in a CSP directive prevent other files from that domain being loaded?

If I have the following script-src directive:

script-src: https://example.com/scripts/file.js;

Is it possible for any of the following scripts to be loaded?

https://example.com/file.js
https://example.com/assets/file.js
https://example.com/scripts/different-file.js

Does this apply to all browsers and CSP v2 / CSP v3?

Solution

According to the specifications for CSP v2 and CSP v3, this can be used in both v2 and v3. I would expect browsers to support it as major browsers have supported v2 for years. None of the example scripts should be loaded with the given CSP.

How to Fix "String as JavaScript" Errors in FLP? (Async Module Loading)
Prevent svelte build from including inline script as it violates CSP
insertBefore and appendChild in font awesome kit (version 5.15.4) causing csp issue only in Firefox Asp.Net Core
Vite + Vue 3 built project Content-Security-Policy Error (CSP) 'script-src "self"' because of new Function constructor in built files
Refused to load the script : Content-Security-Policy
Jenkins Content Security Policy
Does the Content Security Policy Standard support wildcard paths? If not, why doesn't it?
What is the difference between CORS and CSPs?
This document requires 'TrustedScriptURL' assignment
Electron Content Security Policy error when connecting to my api
Why are FQDN (ending with a dot) not working in CSP?
How do I show video content when Content Security Policy is in place?
Content security policy error when trying to frame Authorize.net hosted payment page
Html Error: Refused to load the script because it violates the following Content Security Policy directive
Unrecognized Content-Security-Policy directive 'script-src:'
adding security headers in wso2am-4.0.0 (sts & csp & referer headers)
Why would a REST API need a CSP?
PyQt5: How to download icon for QWebEngineView?
Stripe js script violates all the unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' and 'self' directives how it is possible?
Content Security Policy: "img-src 'self' data:"
Content Security Policy "data" not working for base64 Images in Chrome 28
Refused to create a worker from 'blob:https://x/6a...293' because it violates the following Content Security Policy directive
Content Security Policy - Determine source of blocked resource
How to detect `eval` calls when addressing UI5 modules at runtime?
Setup for Helmet and ReportURi?
Content Security Policy not blocking the loading of third party javascript
Refused to load the script because it violates the following Content Security Policy directive
javascript click function causes Content Security Policy error
CSP with NextJS 'Refused to execute inline script' in production
Google Chrome extension that I'm working on keeps throwing CSP errors