Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-22 17:55:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1445184 [wpt PR 9992] - [Beacon API] Port beacon-cross-origin.https.html to wpt, a=testonly

Browse Source 
Automatic update from web-platform-tests[Beacon API] Port beacon-cross-origin.https.html to wpt

Despite its name, the test checks the mixed content check for sendBeacon.
This CL moves it to wpt/mixed-content.

Bug: 821294
Change-Id: Ifd264dae0fec5c4d821d61d37d61f4ebbc763516
Reviewed-on: https://chromium-review.googlesource.com/959982
Reviewed-by: Mike West <mkwst@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#543105}

wpt-commits: 88e7f59976ad727b77d6fb1380ef5765762ae899
wpt-pr: 9992
wpt-commits: 88e7f59976ad727b77d6fb1380ef5765762ae899
wpt-pr: 9992
This commit is contained in:
Yutaka Hirano 2018-04-09 16:57:08 +00:00 committed by James Graham
parent 8828194973
commit 55150a19c0
32 changed files with 1062 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

270
testing/web-platform/meta/MANIFEST.json
View File

@ -286399,6 +286399,46 @@
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html.headers": [
[
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html.headers": [
[
{}
]
],
"mixed-content/fetch-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
[
{}
@ -339577,6 +339617,120 @@
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html": [
[
"/mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html",
{}
]
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
[
"/mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html",
{}
]
],
"mixed-content/beacon-request/meta-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/meta-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/meta-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/meta-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/meta-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
[
"/mixed-content/beacon-request/meta-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html",
{}
]
],
"mixed-content/beacon-request/no-opt-in/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
[
"/mixed-content/beacon-request/no-opt-in/same-host-https/top-level/no-redirect/allowed/allowed.https.html",
{}
]
],
"mixed-content/fetch-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
[
"/mixed-content/fetch-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html",
@ -573712,6 +573866,114 @@
"bf977afe3f0b5daa0e899dff1d55241352125531",
"testharness"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
"9a7a66a2fd1f04a410548b0691fa6bd07767e2ca",
"testharness"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
"be6392b34d8a7c5e1c257d6894ed192be567a75c",
"testharness"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html": [
"ec9fb7ca5ee63c2c94ec1c599fda84847488ea31",
"testharness"
],
"mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
"838fb9e5d6c0a976f1978ff711f71b4b830fbd9c",
"testharness"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
"7d20e9e36d2288e2f52984c50531bba7eeec4c59",
"testharness"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html": [
"c93ac7834ab5a560f476c93523430070520675fd",
"testharness"
],
"mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html": [
"8b95b2cf6fcdb8294ddd0eb16f999c3d312c4d49",
"testharness"
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
"d83bc79c2125bd20e741ed6ed2322a3c73e38842",
"testharness"
],
"mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html.headers": [
"562977daf4fd9e09dc6153058804bc247cbe5354",
"support"
],
"mixed-content/beacon-request/meta-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
"7244ccaed934c8892da287d89fe4418b485bcb29",
"testharness"
],
"mixed-content/beacon-request/meta-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html": [
"04cd47a9a5cb974525428323f1e81218f911df79",
"testharness"
],
"mixed-content/beacon-request/meta-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
"7386bac3932ac650ce1d729091ffe5ab7bd09942",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
"1780dbdb75192b26622c7849488a058a5f2d310c",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html": [
"ab083ef45668b3ceffa689c81546bee4786121ab",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
"7f9cd64a146504b2fc4d60f3c28ac4bee1fb51d9",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
"ee88f8fcf9442d1a887e0f998af0d065151ab1d1",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html": [
"40880807f157570f164238eb86dc2b3a6f6e0efc",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/same-host-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html": [
"94b5f5df01cde9577971f202fc28c7054c125861",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html": [
"19709011c5d1aa274bcd4a3472db7dabc280034a",
"testharness"
],
"mixed-content/beacon-request/no-opt-in/same-host-https/top-level/no-redirect/allowed/allowed.https.html": [
"85f56860a2f9bf88854ab1f732fa3e7b15995dc6",
"testharness"
],
"mixed-content/fetch-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html": [
"1b368a53bec1da5921224e4fd3ae3db4d11014d3",
"testharness"
@ -573821,7 +574083,7 @@
"testharness"
],
"mixed-content/generic/common.js": [
"7eb02bdb367f618dd7848de2c64c83bb915d3bd2",
"eb29cec6e5a930521b9526ea46c6a1d747c23a79",
"support"
],
"mixed-content/generic/expect.py": [
@ -573829,7 +574091,7 @@
"support"
],
"mixed-content/generic/mixed-content-test-case.js": [
"55980afcecb041ee23942c18b222b20eb8c5bea4",
"b09fc28dbbdfe1d5b7d9d06dfd5610d4572f8912",
"support"
],
"mixed-content/generic/sanity-checker.js": [
@ -574541,11 +574803,11 @@
"testharness"
],
"mixed-content/spec.src.json": [
"1e46012ca5e1f0892e6c80572fa28c5358596c57",
"bdd9ba1d38e8bb484c91651bb2592ae9a688befc",
"support"
],
"mixed-content/spec_json.js": [
"f3b78849f97e307c39f81cf9cebb01b367c91b79",
"817c54f14d3dabb0c8b21325b9824a8d0f439bb0",
"support"
],
"mixed-content/video-tag/http-csp/cross-origin-http/top-level/keep-scheme-redirect/optionally-blockable/opt-in-blocks.https.html": [

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: swap-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "swap-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/cross-origin-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/keep-scheme-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: http-csp
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: swap-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "swap-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-http/top-level/swap-scheme-redirect/blockable/opt-in-blocks.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Allowed content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of allowed content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/">
<meta name="assert" content="opt_in_method: http-csp
origin: same-host-https
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: allowed">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "same-host-https",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "allowed"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

40
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Allowed content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of allowed content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/">
<meta name="assert" content="opt_in_method: http-csp
origin: same-host-https
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: allowed">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "http-csp",
"origin": "same-host-https",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "allowed"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

1
testing/web-platform/tests/mixed-content/beacon-request/http-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html.headers Normal file
View File

@ -0,0 +1 @@
Content-Security-Policy: block-all-mixed-content

41
testing/web-platform/tests/mixed-content/beacon-request/meta-csp/cross-origin-http/top-level/no-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,41 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: meta-csp
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "meta-csp",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

41
testing/web-platform/tests/mixed-content/beacon-request/meta-csp/same-host-http/top-level/no-redirect/blockable/opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,41 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: meta-csp
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "meta-csp",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

41
testing/web-platform/tests/mixed-content/beacon-request/meta-csp/same-host-https/top-level/no-redirect/allowed/allowed.https.html Normal file
View File

@ -0,0 +1,41 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Allowed content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of allowed content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/">
<meta name="assert" content="opt_in_method: meta-csp
origin: same-host-https
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: allowed">
<meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "meta-csp",
"origin": "same-host-https",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "allowed"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/cross-origin-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: cross-origin-http
source_scheme: https
context_nesting: top-level
redirection: swap-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "cross-origin-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "swap-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/keep-scheme-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/no-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/same-host-http/top-level/swap-scheme-redirect/blockable/no-opt-in-blocks.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Blockable content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of blockable content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
<meta name="assert" content="opt_in_method: no-opt-in
origin: same-host-http
source_scheme: https
context_nesting: top-level
redirection: swap-scheme-redirect
subresource: beacon-request
expectation: blocked">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "same-host-http",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "swap-scheme-redirect",
"subresource": "beacon-request",
"expectation": "blocked"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/same-host-https/top-level/keep-scheme-redirect/allowed/allowed.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Allowed content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of allowed content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/">
<meta name="assert" content="opt_in_method: no-opt-in
origin: same-host-https
source_scheme: https
context_nesting: top-level
redirection: keep-scheme-redirect
subresource: beacon-request
expectation: allowed">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "same-host-https",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "keep-scheme-redirect",
"subresource": "beacon-request",
"expectation": "allowed"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

40
testing/web-platform/tests/mixed-content/beacon-request/no-opt-in/same-host-https/top-level/no-redirect/allowed/allowed.https.html Normal file
View File

@ -0,0 +1,40 @@
<!DOCTYPE html>
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
<html>
<head>
<title>Mixed-Content: Allowed content</title>
<meta charset='utf-8'>
<meta name="description" content="Test behavior of allowed content.">
<link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
<link rel="help" href="http://www.w3.org/TR/mixed-content/">
<meta name="assert" content="opt_in_method: no-opt-in
origin: same-host-https
source_scheme: https
context_nesting: top-level
redirection: no-redirect
subresource: beacon-request
expectation: allowed">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/mixed-content/generic/common.js"></script>
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
</head>
<body>
<script>
MixedContentTestCase(
{
"opt_in_method": "no-opt-in",
"origin": "same-host-https",
"source_scheme": "https",
"context_nesting": "top-level",
"redirection": "no-redirect",
"subresource": "beacon-request",
"expectation": "allowed"
},
document.querySelector("meta[name=assert]").content,
new SanityChecker()
).start();
</script>
<div id="log"></div>
</body>
</html>

20
testing/web-platform/tests/mixed-content/generic/common.js
View File

@ -304,6 +304,26 @@ function requestViaLinkPrefetch(url) {
}
}
/**
* Initiates a new beacon request.
* @param {string} url The URL of a resource to prefetch.
* @return {Promise} The promise for success/error events.
*/
async function requestViaSendBeacon(url) {
function wait(ms) {
return new Promise(resolve => step_timeout(resolve, ms));
}
if (!navigator.sendBeacon(url)) {
// If mixed-content check fails, it should return false.
throw new Error('sendBeacon() fails.');
}
// We don't have a means to see the result of sendBeacon() request
// for sure. Let's wait for a while and let the generic test function
// ask the server for the result.
await wait(500);
return 'allowed';
}
/**
* Creates a new media element with a child source element, binds loadeddata and
* error events, sets attributes and appends to document.body.

2
testing/web-platform/tests/mixed-content/generic/mixed-content-test-case.js
View File

@ -59,6 +59,7 @@ function MixedContentTestCase(scenario, description, sanityChecker) {
var resourceMap = {
"a-tag": requestViaAnchor,
"area-tag": requestViaArea,
"beacon-request": requestViaSendBeacon,
"fetch-request": requestViaFetch,
"form-tag": requestViaForm,
"iframe-tag": requestViaIframe,
@ -81,6 +82,7 @@ function MixedContentTestCase(scenario, description, sanityChecker) {
var contentType = {
"a-tag": "text/html",
"area-tag": "text/html",
"beacon-request": "text/plain",
"fetch-request": "application/json",
"form-tag": "text/html",
"iframe-tag": "text/html",

3
testing/web-platform/tests/mixed-content/spec.src.json
View File

@ -240,7 +240,8 @@
"object-tag",
"picture-tag",
"websocket-request",
"link-prefetch-tag"
"link-prefetch-tag",
"beacon-request"
],
"optionally-blockable": [
"img-tag",

2
testing/web-platform/tests/mixed-content/spec_json.js
View File

@ -1 +1 @@
var SPEC_JSON = {"test_expansion_schema": {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http", "same-host-wss", "same-host-ws", "cross-origin-wss", "cross-origin-ws"], "subresource": {"blockable": ["script-tag", "link-css-tag", "xhr-request", "worker-request", "fetch-request", "a-tag", "object-tag", "picture-tag", "websocket-request", "link-prefetch-tag"], "optionally-blockable": ["img-tag", "audio-tag", "video-tag"]}, "context_nesting": ["top-level", "sub-level"], "expectation": ["allowed", "blocked"], "expansion": ["default", "override"], "redirection": ["no-redirect", "keep-scheme-redirect", "swap-scheme-redirect"], "opt_in_method": ["no-opt-in", "http-csp", "meta-csp", "img-crossorigin"], "source_scheme": ["http", "https"]}, "specification": [{"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-allows", "redirection": "*", "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}], "description": "Test behavior of optionally-blockable content", "specification_url": "http://www.w3.org/TR/mixed-content/#category-optionally-blockable", "name": "optionally-blockable", "title": "Optionally-blockable content"}, {"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-ws", "same-host-ws"], "name": "ws-downgrade-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["no-opt-in", "http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of blockable content.", "specification_url": "http://www.w3.org/TR/mixed-content/#category-blockable", "name": "blockable", "title": "Blockable content"}, {"test_expansion": [{"origin": ["same-host-https"], "name": "allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": ["same-host-wss"], "name": "websocket-allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of allowed content.", "specification_url": "http://www.w3.org/TR/mixed-content/", "name": "allowed", "title": "Allowed content"}], "excluded_tests": [{"origin": "*", "name": "Redundant-subresources", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["a-tag"], "optionally-blockable": []}}, {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http"], "name": "Skip-origins-not-applicable-to-websockets", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["websocket-request"], "optionally-blockable": []}}, {"origin": "*", "name": "TODO-opt-in-method-img-cross-origin", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "img-crossorigin", "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": "*", "name": "Skip-redundant-for-opt-in-method", "redirection": ["keep-scheme-redirect", "swap-scheme-redirect"], "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": ["meta-csp", "img-crossorigin"], "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}]};
var SPEC_JSON = {"test_expansion_schema": {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http", "same-host-wss", "same-host-ws", "cross-origin-wss", "cross-origin-ws"], "subresource": {"blockable": ["script-tag", "link-css-tag", "xhr-request", "worker-request", "fetch-request", "a-tag", "object-tag", "picture-tag", "websocket-request", "link-prefetch-tag", "beacon-request"], "optionally-blockable": ["img-tag", "audio-tag", "video-tag"]}, "context_nesting": ["top-level", "sub-level"], "expectation": ["allowed", "blocked"], "expansion": ["default", "override"], "redirection": ["no-redirect", "keep-scheme-redirect", "swap-scheme-redirect"], "opt_in_method": ["no-opt-in", "http-csp", "meta-csp", "img-crossorigin"], "source_scheme": ["http", "https"]}, "specification": [{"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-allows", "redirection": "*", "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}], "description": "Test behavior of optionally-blockable content", "specification_url": "http://www.w3.org/TR/mixed-content/#category-optionally-blockable", "name": "optionally-blockable", "title": "Optionally-blockable content"}, {"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-ws", "same-host-ws"], "name": "ws-downgrade-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["no-opt-in", "http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of blockable content.", "specification_url": "http://www.w3.org/TR/mixed-content/#category-blockable", "name": "blockable", "title": "Blockable content"}, {"test_expansion": [{"origin": ["same-host-https"], "name": "allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": ["same-host-wss"], "name": "websocket-allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of allowed content.", "specification_url": "http://www.w3.org/TR/mixed-content/", "name": "allowed", "title": "Allowed content"}], "excluded_tests": [{"origin": "*", "name": "Redundant-subresources", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["a-tag"], "optionally-blockable": []}}, {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http"], "name": "Skip-origins-not-applicable-to-websockets", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["websocket-request"], "optionally-blockable": []}}, {"origin": "*", "name": "TODO-opt-in-method-img-cross-origin", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "img-crossorigin", "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": "*", "name": "Skip-redundant-for-opt-in-method", "redirection": ["keep-scheme-redirect", "swap-scheme-redirect"], "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": ["meta-csp", "img-crossorigin"], "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}]};