diff options
Diffstat (limited to 'testing/web-platform/tests/mixed-content/blockable')
200 files changed, 5680 insertions, 0 deletions
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..012bd3540 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..54fbe3a84 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..f95554558 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..277d47891 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..582ed6012 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..37d4db54b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b4957a41e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..e910a0ab7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..1f8763010 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..7376626e2 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..fc123d963 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..f7fd32cbf --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..8ebd99b01 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b7743daa6 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..3fe162a2f --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..6f71158c2 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..48012dfe5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b76c48a65 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..61f10dfbf --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..69210c606 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..a2201a213 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..8fc3283a0 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..21f63bd73 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..d4c437147 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..314f09789 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..d44e65bcd --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..973db8006 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..5f4facece --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..0d700202f --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..22e930e20 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..c03b96f01 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..a7ce2a530 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..1eec54d3b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..6d67e4d0e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..0d8b5ebdb --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..326ca747c --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..35e3102a5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..eaa1cc5d7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..ff99ecf9b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b93d17784 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b23f9f0eb --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..122ee404d --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..4c43f3aea --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..27da8b421 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..01df78229 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..27e971ac4 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..0fe505a4b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..d066d7f4a --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..011e515da --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..5c8d860a6 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..123e53d20 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..735c267a8 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..d70b85768 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..bf77ac6d7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..f85094162 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..0dd9e88e8 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..eb7f7ea2c --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..972d7f3d3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..66b20800f --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..664acc6fa --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: http-csp + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "http-csp", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers new file mode 100644 index 000000000..46e2255e3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers @@ -0,0 +1 @@ +Content-Security-Policy: block-all-mixed-content diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..a1b37ef1e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..2ea8aadca --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..2aa9e013b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..191b4a9ea --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..ee5cfea71 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..abe50087f --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..7e9a2395a --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..63ba90454 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..cf95677c7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..1bc4b11d9 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..0fb506de1 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..b5dcde734 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..1fb7a9385 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..5e71b99d4 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..28fdc6f08 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..9c484e398 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..44b4795c9 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..22e7c6eac --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html new file mode 100644 index 000000000..80a633ab2 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..a3cb304e0 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,41 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: meta-csp + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "meta-csp", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..f35fd03da --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..3b2d158d6 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..24a1e8671 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..aaeaf7673 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..a649f4de4 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..fa1d0fe90 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..0dad760aa --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..ed11ad73e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..de84e1278 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..13c536f3e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..e94103004 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..c9efe54e4 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..23e6badf7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..482024535 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..f91df5037 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..09fadc8d3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..635050128 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..c3bedd387 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..4c375acd1 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..21d152557 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..cd56451c5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..4feea4b7d --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..2d4f15b13 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..a6782c7e5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..b2ee591a7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..e49db79f3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..ffd8aeb9c --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..ef959099b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..9a344137b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..fad857a6e --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: cross-origin-ws + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "cross-origin-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..d7aa3899b --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..55c768525 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..13de80df7 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: fetch-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "fetch-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..45a2764ad --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..09e948a84 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..f72d269d1 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: form-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "form-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..a69f2bb41 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..f98fe6c4c --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..b891c73e8 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: iframe-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "iframe-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..11d8f4877 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..ce383d9aa --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..67b58e009 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: link-css-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "link-css-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..190b66b0d --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..c03d5036a --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..d9a166609 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: object-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "object-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..0b2a8c8ff --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..532c97bf0 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..662fc9048 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: picture-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "picture-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..cc1c051a3 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..23efca0a5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..69e151519 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: script-tag + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "script-tag", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..065ff5ba5 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..3cd8a6748 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..3b3e17c27 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: worker-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "worker-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..897354a79 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..ee787d05a --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html new file mode 100644 index 000000000..9a9085b86 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-http + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: xhr-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-http", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "xhr-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..cc6369045 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: keep-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "keep-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..4b7ae62fd --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: no-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "no-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html new file mode 100644 index 000000000..278819b93 --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html @@ -0,0 +1,40 @@ +<!DOCTYPE html> +<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. --> +<html> + <head> + <title>Mixed-Content: Blockable content</title> + <meta charset='utf-8'> + <meta name="description" content="Test behavior of blockable content."> + <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org"> + <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable"> + <meta name="assert" content="opt_in_method: no-opt-in + origin: same-host-ws + source_scheme: https + context_nesting: top-level + redirection: swap-scheme-redirect + subresource: websocket-request + expectation: blocked"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/mixed-content/generic/common.js"></script> + <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> + </head> + <body> + <script> + MixedContentTestCase( + { + "opt_in_method": "no-opt-in", + "origin": "same-host-ws", + "source_scheme": "https", + "context_nesting": "top-level", + "redirection": "swap-scheme-redirect", + "subresource": "websocket-request", + "expectation": "blocked" + }, + document.querySelector("meta[name=assert]").content, + new SanityChecker() + ).start(); + </script> + <div id="log"></div> + </body> +</html> |