diff options
| author | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
|---|---|---|
| committer | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
| commit | 5f8de423f190bbb79a62f804151bc24824fa32d8 (patch) | |
| tree | 10027f336435511475e392454359edea8e25895d /testing/web-platform/tests/mixed-content/blockable/meta-csp | |
| parent | 49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff) | |
| download | UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip | |
Add m-esr52 at 52.6.0
Diffstat (limited to 'testing/web-platform/tests/mixed-content/blockable/meta-csp')
20 files changed, 820 insertions, 0 deletions
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..a1b37ef1e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..2ea8aadca --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..2aa9e013b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..191b4a9ea --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..ee5cfea71 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..abe50087f --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..7e9a2395a --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..63ba90454 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..cf95677c7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..1bc4b11d9 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..0fb506de1 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b5dcde734 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..1fb7a9385 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..5e71b99d4 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..28fdc6f08 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..9c484e398 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..44b4795c9 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..22e7c6eac --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..80a633ab2 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..a3cb304e0 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> |