Add m-esr52 at 52.6.0

398 files changed, 12256 insertions, 0 deletions

diff --git a/testing/web-platform/tests/mixed-content/OWNERS b/testing/web-platform/tests/mixed-content/OWNERS
new file mode 100644
index 000000000..db2d613c2
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/OWNERS
@@ -0,0 +1 @@
+@kristijanburnik
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..5e6b8cbe1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..0adc65f82
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..260fb14b0
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..9b18ebb78
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..742363922
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..3f781b820
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..f584e0be9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..eb24a71a7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..77adba644
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..b08d413e8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..606887e3d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..2f4f750de
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..a047941dc
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..bd24109af
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..d1be723f1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..3f8ec136a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..3ae09e2e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..883c0bbdf
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..cb3528e03
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..7bffa299c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..ce7266440
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..b9ddc78ff
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..1a9053e4c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..0488b1337
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..23f0a1fc8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..7baa3e54a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html
new file mode 100644
index 000000000..ff33c35d1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-wss
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-wss",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
new file mode 100644
index 000000000..dabaab28c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-wss
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-wss",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html.headers b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/http-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..a29157047
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..825fb2441
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..845298825
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..148a6ec88
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..e4ac20f4f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..869c05abe
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..71ef6d359
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..662ac192a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..0d846777f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..0d0eec01c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..cf8439631
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..e5bf5ce95
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..ebbc9ec0c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
new file mode 100644
index 000000000..f1cfed198
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/meta-csp/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-wss
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: allowed">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-wss",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..b30f28b2a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..c13fd88e4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..9045019de
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..d4b8292af
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..a640ddee7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..48f005a38
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..f44a0b54d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..9cd4f1ba4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/iframe-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..54bb60acc
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..26d7d2390
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/img-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..7d620f8da
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..f6d23405d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-css-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..c3ea33fdb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..4c5911153
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/link-prefetch-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..ebfb5195e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..f5ffcf3a8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/object-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..57efd6f5e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..e3113a84c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/picture-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..9dc0bb122
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..bad7e7f21
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/script-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..f044783e6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..fd0a1f923
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/video-tag/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..d720fc4fa
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..bd69a14a9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/worker-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html
new file mode 100644
index 000000000..9da0d9f98
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/keep-scheme-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
new file mode 100644
index 000000000..b0fff36eb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-https/xhr-request/top-level/no-redirect/allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-https
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-https",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html
new file mode 100644
index 000000000..52684b1a5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/keep-scheme-redirect/websocket-allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-wss
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-wss",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
new file mode 100644
index 000000000..a32429b88
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/allowed/no-opt-in/same-host-wss/websocket-request/top-level/no-redirect/websocket-allowed.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Allowed content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of allowed content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-wss
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-wss",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..012bd3540
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..54fbe3a84
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..f95554558
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..277d47891
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..582ed6012
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..37d4db54b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b4957a41e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..e910a0ab7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..1f8763010
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..7376626e2
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..fc123d963
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..f7fd32cbf
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..8ebd99b01
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b7743daa6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..3fe162a2f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..6f71158c2
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..48012dfe5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b76c48a65
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..61f10dfbf
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..69210c606
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..a2201a213
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..8fc3283a0
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..21f63bd73
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..d4c437147
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..314f09789
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..d44e65bcd
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..973db8006
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..5f4facece
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..0d700202f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..22e930e20
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..c03b96f01
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..a7ce2a530
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..1eec54d3b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/fetch-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..6d67e4d0e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..0d8b5ebdb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..326ca747c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/form-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..35e3102a5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..eaa1cc5d7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..ff99ecf9b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/iframe-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b93d17784
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b23f9f0eb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..122ee404d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/link-css-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..4c43f3aea
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..27da8b421
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..01df78229
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/object-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..27e971ac4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..0fe505a4b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..d066d7f4a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/picture-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..011e515da
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..5c8d860a6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..123e53d20
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/script-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..735c267a8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..d70b85768
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..bf77ac6d7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/worker-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..f85094162
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..0dd9e88e8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..eb7f7ea2c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-http/xhr-request/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..972d7f3d3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..66b20800f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..664acc6fa
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/http-csp/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..a1b37ef1e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..2ea8aadca
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..2aa9e013b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..191b4a9ea
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..ee5cfea71
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..abe50087f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..7e9a2395a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..63ba90454
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..cf95677c7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..1bc4b11d9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..0fb506de1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/fetch-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b5dcde734
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/form-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..1fb7a9385
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/iframe-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..5e71b99d4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/link-css-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..28fdc6f08
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/object-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..9c484e398
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/picture-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..44b4795c9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/script-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..22e7c6eac
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/worker-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..80a633ab2
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-http/xhr-request/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..a3cb304e0
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/meta-csp/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..f35fd03da
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..3b2d158d6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..24a1e8671
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..aaeaf7673
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..a649f4de4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..fa1d0fe90
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..0dad760aa
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..ed11ad73e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..de84e1278
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..13c536f3e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..e94103004
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..c9efe54e4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..23e6badf7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..482024535
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..f91df5037
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..09fadc8d3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..635050128
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..c3bedd387
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..4c375acd1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..21d152557
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..cd56451c5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..4feea4b7d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..2d4f15b13
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..a6782c7e5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..b2ee591a7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..e49db79f3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..ffd8aeb9c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..ef959099b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..9a344137b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..fad857a6e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/cross-origin-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..d7aa3899b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..55c768525
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..13de80df7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/fetch-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: fetch-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "fetch-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..45a2764ad
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..09e948a84
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..f72d269d1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/form-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: form-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "form-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..a69f2bb41
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..f98fe6c4c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..b891c73e8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/iframe-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: iframe-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "iframe-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..11d8f4877
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..ce383d9aa
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..67b58e009
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/link-css-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-css-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-css-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..190b66b0d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..c03d5036a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..d9a166609
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/object-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: object-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "object-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..0b2a8c8ff
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..532c97bf0
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..662fc9048
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/picture-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: picture-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "picture-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..cc1c051a3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..23efca0a5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..69e151519
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/script-tag/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: script-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "script-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..065ff5ba5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..3cd8a6748
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..3b3e17c27
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/worker-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: worker-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "worker-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..897354a79
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/keep-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..ee787d05a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/no-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
new file mode 100644
index 000000000..9a9085b86
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-http/xhr-request/top-level/swap-scheme-redirect/no-opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: xhr-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "xhr-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..cc6369045
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/keep-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..4b7ae62fd
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/no-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
new file mode 100644
index 000000000..278819b93
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/blockable/no-opt-in/same-host-ws/websocket-request/top-level/swap-scheme-redirect/ws-downgrade-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of blockable content.">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-ws
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: websocket-request
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-ws",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "websocket-request",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/generic/common.js b/testing/web-platform/tests/mixed-content/generic/common.js
new file mode 100644
index 000000000..36427a466
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/common.js
@@ -0,0 +1,398 @@
+/**
+ * @fileoverview Utilities for mixed-content in Web Platform Tests.
+ * @author burnik@google.com (Kristijan Burnik)
+ * Disclaimer: Some methods of other authors are annotated in the corresponding
+ *     method's JSDoc.
+ */
+
+/**
+ * Normalizes the target port for use in a URL. For default ports, this is the
+ *     empty string (omitted port), otherwise it's a colon followed by the port
+ *     number. Ports 80, 443 and an empty string are regarded as default ports.
+ * @param {number} targetPort The port to use
+ * @return {string} The port portion for using as part of a URL.
+ */
+function getNormalizedPort(targetPort) {
+  return ([80, 443, ""].indexOf(targetPort) >= 0) ? "" : ":" + targetPort;
+}
+
+/**
+ * Creates a GUID.
+ *     See: https://en.wikipedia.org/wiki/Globally_unique_identifier
+ *     Original author: broofa (http://www.broofa.com/)
+ *     Sourced from: http://stackoverflow.com/a/2117523/4949715
+ * @return {string} A pseudo-random GUID.
+ */
+function guid() {
+  return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
+    var r = Math.random() * 16 | 0, v = c == 'x' ? r : (r & 0x3 | 0x8);
+    return v.toString(16);
+  });
+}
+
+/**
+ * Initiates a new XHR via GET.
+ * @param {string} url The endpoint URL for the XHR.
+ * @param {string} responseType Optional - how should the response be parsed.
+ *     Default is "json".
+ *     See: https://xhr.spec.whatwg.org/#dom-xmlhttprequest-responsetype
+ * @return {Promise} A promise wrapping the success and error events.
+ */
+function xhrRequest(url, responseType) {
+  return new Promise(function(resolve, reject) {
+    var xhr = new XMLHttpRequest();
+    xhr.open('GET', url, true);
+    xhr.responseType = responseType || "json";
+
+    xhr.addEventListener("error", function() {
+      reject(Error("Network Error"));
+    });
+
+    xhr.addEventListener("load", function() {
+      if (xhr.status != 200)
+        return reject(Error(xhr.statusText));
+
+      resolve(xhr.response);
+    });
+
+    xhr.send();
+  });
+}
+
+/**
+ * Sets attributes on a given DOM element.
+ * @param {DOMElement} element The element on which to set the attributes.
+ * @param {object} An object with keys (serving as attribute names) and values.
+ */
+function setAttributes(el, attrs) {
+  attrs = attrs || {}
+  for (var attr in attrs)
+    el.setAttribute(attr, attrs[attr]);
+}
+
+
+/**
+ * Binds to success and error events of an object wrapping them into a promise
+ *     available through {@code element.eventPromise}. The success event
+ *     resolves and error event rejects.
+ * @param {object} element An object supporting events on which to bind the
+ *     promise.
+ * @param {string} resolveEventName [="load"] The event name to bind resolve to.
+ * @param {string} rejectEventName [="error"] The event name to bind reject to.
+ */
+function bindEvents(element, resolveEventName, rejectEventName) {
+  element.eventPromise = new Promise(function(resolve, reject) {
+    element.addEventListener(resolveEventName  || "load", resolve);
+    element.addEventListener(rejectEventName || "error",
+                             function(e) { e.preventDefault(); reject(); } );
+  });
+}
+
+/**
+ * Creates a new DOM element.
+ * @param {string} tagName The type of the DOM element.
+ * @param {object} attrs A JSON with attributes to apply to the element.
+ * @param {DOMElement} parent Optional - an existing DOM element to append to
+ *     If not provided, the returned element will remain orphaned.
+ * @param {boolean} doBindEvents Optional - Whether to bind to load and error
+ *     events and provide the promise wrapping the events via the element's
+ *     {@code eventPromise} property. Default value evaluates to false.
+ * @return {DOMElement} The newly created DOM element.
+ */
+function createElement(tagName, attrs, parent, doBindEvents) {
+  var element = document.createElement(tagName);
+
+  if (doBindEvents)
+    bindEvents(element);
+
+  // We set the attributes after binding to events to catch any
+  // event-triggering attribute changes. E.g. form submission.
+  //
+  // But be careful with images: unlike other elements they will start the load
+  // as soon as the attr is set, even if not in the document yet, and sometimes
+  // complete it synchronously, so the append doesn't have the effect we want.
+  // So for images, we want to set the attrs after appending, whereas for other
+  // elements we want to do it before appending.
+  var isImg = (tagName == "img");
+  if (!isImg)
+    setAttributes(element, attrs);
+
+  if (parent)
+    parent.appendChild(element);
+
+  if (isImg)
+    setAttributes(element, attrs);
+
+  return element;
+}
+
+function createRequestViaElement(tagName, attrs, parent) {
+  return createElement(tagName, attrs, parent, true).eventPromise;
+}
+
+/**
+ * Creates a new empty iframe and appends it to {@code document.body} .
+ * @param {string} name The name and ID of the new iframe.
+ * @param {boolean} doBindEvents Whether to bind load and error events.
+ * @return {DOMElement} The newly created iframe.
+ */
+function createHelperIframe(name, doBindEvents) {
+  return createElement("iframe",
+                       {"name": name, "id": name},
+                       document.body,
+                       doBindEvents);
+}
+
+/**
+ * Creates a new iframe, binds load and error events, sets the src attribute and
+ *     appends it to {@code document.body} .
+ * @param {string} url The src for the iframe.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaIframe(url) {
+  return createRequestViaElement("iframe", {"src": url}, document.body);
+}
+
+/**
+ * Creates a new image, binds load and error events, sets the src attribute and
+ *     appends it to {@code document.body} .
+ * @param {string} url The src for the image.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaImage(url) {
+  return createRequestViaElement("img", {"src": url}, document.body);
+}
+
+/**
+ * Initiates a new XHR GET request to provided URL.
+ * @param {string} url The endpoint URL for the XHR.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaXhr(url) {
+  return xhrRequest(url);
+}
+
+/**
+ * Initiates a new GET request to provided URL via the Fetch API.
+ * @param {string} url The endpoint URL for the Fetch.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaFetch(url) {
+  return fetch(url);
+}
+
+/**
+ * Creates a new Worker, binds message and error events wrapping them into.
+ *     {@code worker.eventPromise} and posts an empty string message to start
+ *     the worker.
+ * @param {string} url The endpoint URL for the worker script.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaWorker(url) {
+  var worker = new Worker(url);
+  bindEvents(worker, "message", "error");
+  worker.postMessage('');
+
+  return worker.eventPromise;
+}
+
+/**
+ * Sets the href attribute on a navigable DOM element and performs a navigation
+ *     by clicking it. To avoid navigating away from the current execution
+ *     context, a target attribute is set to point to a new helper iframe.
+ * @param {DOMElement} navigableElement The navigable DOMElement
+ * @param {string} url The href for the navigable element.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaNavigable(navigableElement, url) {
+  var iframe = createHelperIframe(guid(), true);
+  setAttributes(navigableElement,
+                {"href": url,
+                 "target": iframe.name});
+  navigableElement.click();
+
+  return iframe.eventPromise;
+}
+
+/**
+ * Creates a new anchor element, appends it to {@code document.body} and
+ *     performs the navigation.
+ * @param {string} url The URL to navigate to.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaAnchor(url) {
+  var a = createElement("a", {"innerHTML": "Link to resource"}, document.body);
+
+  return requestViaNavigable(a, url);
+}
+
+/**
+ * Creates a new area element, appends it to {@code document.body} and performs
+ *     the navigation.
+ * @param {string} url The URL to navigate to.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaArea(url) {
+  var area = createElement("area", {}, document.body);
+
+  return requestViaNavigable(area, url);
+}
+
+/**
+ * Creates a new script element, sets the src to url, and appends it to
+ *     {@code document.body}.
+ * @param {string} url The src URL.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaScript(url) {
+  return createRequestViaElement("script", {"src": url}, document.body);
+}
+
+/**
+ * Creates a new form element, sets attributes, appends it to
+ *     {@code document.body} and submits the form.
+ * @param {string} url The URL to submit to.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaForm(url) {
+  var iframe = createHelperIframe(guid());
+  var form = createElement("form",
+                           {"action": url,
+                            "method": "POST",
+                            "target": iframe.name},
+                           document.body);
+  bindEvents(iframe);
+  form.submit();
+
+  return iframe.eventPromise;
+}
+
+/**
+ * Creates a new link element for a stylesheet, binds load and error events,
+ *     sets the href to url and appends it to {@code document.head}.
+ * @param {string} url The URL for a stylesheet.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaLinkStylesheet(url) {
+  return createRequestViaElement("link",
+                                 {"rel": "stylesheet", "href": url},
+                                 document.head);
+}
+
+/**
+ * Creates a new link element for a prefetch, binds load and error events, sets
+ *     the href to url and appends it to {@code document.head}.
+ * @param {string} url The URL of a resource to prefetch.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaLinkPrefetch(url) {
+  // TODO(kristijanburnik): Check if prefetch should support load and error
+  // events. For now we assume it's not specified.
+  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Link_prefetching_FAQ
+  return createRequestViaElement("link",
+                                 {"rel": "prefetch", "href": url},
+                                 document.head);
+}
+
+/**
+ * Creates a new media element with a child source element, binds loadeddata and
+ *     error events, sets attributes and appends to document.body.
+ * @param {string} type The type of the media element (audio/video/picture).
+ * @param {object} media_attrs The attributes for the media element.
+ * @param {object} source_attrs The attributes for the child source element.
+ * @return {DOMElement} The newly created media element.
+ */
+function createMediaElement(type, media_attrs, source_attrs) {
+  var mediaElement = createElement(type, {});
+  var sourceElement = createElement("source", {}, mediaElement);
+
+  mediaElement.eventPromise = new Promise(function(resolve, reject) {
+    mediaElement.addEventListener("loadeddata", resolve);
+    // Notice that the source element will raise the error.
+    sourceElement.addEventListener("error", reject);
+  });
+
+  setAttributes(mediaElement, media_attrs);
+  setAttributes(sourceElement, source_attrs);
+  document.body.appendChild(mediaElement);
+
+  return mediaElement;
+}
+
+/**
+ * Creates a new video element, binds loadeddata and error events, sets
+ *     attributes and source URL and appends to {@code document.body}.
+ * @param {string} url The URL of the video.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaVideo(url) {
+  return createMediaElement("video",
+                            {},
+                            {type: "video/mp4", src: url}).eventPromise;
+}
+
+/**
+ * Creates a new audio element, binds loadeddata and error events, sets
+ *     attributes and source URL and appends to {@code document.body}.
+ * @param {string} url The URL of the audio.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaAudio(url) {
+  return createMediaElement("audio",
+                            {},
+                            {type: "audio/mpeg", src: url}).eventPromise;
+}
+
+/**
+ * Creates a new picture element, binds loadeddata and error events, sets
+ *     attributes and source URL and appends to {@code document.body}. Also
+ *     creates new image element appending it to the picture
+ * @param {string} url The URL of the image for the source and image elements.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaPicture(url) {
+  var picture = createMediaElement("picture", {}, {"srcset": url,
+                                                "type": "image/png"});
+  return createRequestViaElement("img", {"src": url}, picture);
+}
+
+/**
+ * Creates a new object element, binds load and error events, sets the data to
+ *     url, and appends it to {@code document.body}.
+ * @param {string} url The data URL.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaObject(url) {
+  return createRequestViaElement("object", {"data": url}, document.body);
+}
+
+/**
+ * Creates a new WebSocket pointing to {@code url} and sends a message string
+ * "echo". The {@code message} and {@code error} events are triggering the
+ * returned promise resolve/reject events.
+ * @param {string} url The URL for WebSocket to connect to.
+ * @return {Promise} The promise for success/error events.
+ */
+function requestViaWebSocket(url) {
+  return new Promise(function(resolve, reject) {
+    var websocket = new WebSocket(url);
+
+    websocket.addEventListener("message", function(e) {
+      resolve(JSON.parse(e.data));
+    });
+
+    websocket.addEventListener("open", function(e) {
+      websocket.send("echo");
+    });
+
+    websocket.addEventListener("error", function(e) {
+      reject(e)
+    });
+  });
+}
+
+// SanityChecker does nothing in release mode. See sanity-checker.js for debug
+// mode.
+function SanityChecker() {}
+SanityChecker.prototype.checkScenario = function() {};
+SanityChecker.prototype.setFailTimeout = function(test, timeout) {};
diff --git a/testing/web-platform/tests/mixed-content/generic/expect.py b/testing/web-platform/tests/mixed-content/generic/expect.py
new file mode 100644
index 000000000..a3ea61b21
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/expect.py
@@ -0,0 +1,102 @@
+import json, os, urllib, urlparse
+
+def redirect(url, response):
+    response.add_required_headers = False
+    response.writer.write_status(301)
+    response.writer.write_header("access-control-allow-origin", "*")
+    response.writer.write_header("location", url)
+    response.writer.end_headers()
+    response.writer.write("")
+
+def create_redirect_url(request, swap_scheme = False):
+    parsed = urlparse.urlsplit(request.url)
+    destination_netloc = parsed.netloc
+    scheme = parsed.scheme
+
+    if swap_scheme:
+        scheme = "http" if parsed.scheme == "https" else "https"
+        hostname = parsed.netloc.split(':')[0]
+        port = request.server.config["ports"][scheme][0]
+        destination_netloc = ":".join([hostname, str(port)])
+
+    # Remove "redirection" from query to avoid redirect loops.
+    parsed_query = dict(urlparse.parse_qsl(parsed.query))
+    assert "redirection" in parsed_query
+    del parsed_query["redirection"]
+
+    destination_url = urlparse.urlunsplit(urlparse.SplitResult(
+        scheme = scheme,
+        netloc = destination_netloc,
+        path = parsed.path,
+        query = urllib.urlencode(parsed_query),
+        fragment = None))
+
+    return destination_url
+
+def main(request, response):
+    if "redirection" in request.GET:
+        redirection = request.GET["redirection"]
+        if redirection == "no-redirect":
+            pass
+        elif redirection == "keep-scheme-redirect":
+            redirect(create_redirect_url(request, swap_scheme=False), response)
+            return
+        elif redirection == "swap-scheme-redirect":
+            redirect(create_redirect_url(request, swap_scheme=True), response)
+            return
+        else:
+            raise ValueError ("Invalid redirect type: %s" % redirection)
+
+    content_type = "text/plain"
+    response_data = ""
+
+    if "action" in request.GET:
+        action = request.GET["action"]
+
+        if "content_type" in request.GET:
+            content_type = request.GET["content_type"]
+
+        key = request.GET["key"]
+        stash = request.server.stash
+        path = request.GET.get("path", request.url.split('?'))[0]
+
+        if action == "put":
+            value = request.GET["value"]
+            stash.take(key=key, path=path)
+            stash.put(key=key, value=value, path=path)
+            response_data = json.dumps({"status": "success", "result": key})
+        elif action == "purge":
+            value = stash.take(key=key, path=path)
+            if content_type == "image/png":
+                response_data = open(os.path.join(request.doc_root,
+                                                  "images",
+                                                  "smiley.png"), "rb").read()
+            elif content_type == "audio/mpeg":
+                response_data = open(os.path.join(request.doc_root,
+                                                  "media",
+                                                  "sound_5.oga"), "rb").read()
+            elif content_type == "video/mp4":
+                response_data = open(os.path.join(request.doc_root,
+                                                  "media",
+                                                  "movie_5.mp4"), "rb").read()
+            elif content_type == "application/javascript":
+                response_data = open(os.path.join(request.doc_root,
+                                                  "mixed-content",
+                                                  "generic",
+                                                  "worker.js"), "rb").read()
+            else:
+                response_data = "/* purged */"
+        elif action == "take":
+            value = stash.take(key=key, path=path)
+            if value is None:
+                status = "allowed"
+            else:
+                status = "blocked"
+            response_data = json.dumps({"status": status, "result": value})
+
+    response.add_required_headers = False
+    response.writer.write_status(200)
+    response.writer.write_header("content-type", content_type)
+    response.writer.write_header("cache-control", "no-cache; must-revalidate")
+    response.writer.end_headers()
+    response.writer.write(response_data)
diff --git a/testing/web-platform/tests/mixed-content/generic/mixed-content-test-case.js b/testing/web-platform/tests/mixed-content/generic/mixed-content-test-case.js
new file mode 100644
index 000000000..7f3a7bfa9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/mixed-content-test-case.js
@@ -0,0 +1,163 @@
+/**
+ * @fileoverview Test case for mixed-content in Web Platform Tests.
+ * @author burnik@google.com (Kristijan Burnik)
+ */
+
+/**
+ * MixedContentTestCase exercises all the tests for checking browser behavior
+ * when resources regarded as mixed-content are requested. A single run covers
+ * only a single scenario.
+ * @param {object} scenario A JSON describing the test arrangement and
+ *     expectation(s). Refer to /mixed-content/spec.src.json for details.
+ * @param {string} description The test scenario verbose description.
+ * @param {SanityChecker} sanityChecker Instance of an object used to check the
+ *     running scenario. Useful in debug mode. See ./sanity-checker.js.
+ *     Run {@code ./tools/generate.py -h} for info on test generating modes.
+ * @return {object} Object wrapping the start method used to run the test.
+ */
+function MixedContentTestCase(scenario, description, sanityChecker) {
+  var httpProtocol = "http";
+  var httpsProtocol = "https";
+  var wsProtocol = "ws";
+  var wssProtocol = "wss";
+
+  var sameOriginHost = location.hostname;
+  var crossOriginHost = "{{domains[www1]}}";
+
+  // These values can evaluate to either empty strings or a ":port" string.
+  var httpPort = getNormalizedPort(parseInt("{{ports[http][0]}}", 10));
+  var httpsPort = getNormalizedPort(parseInt("{{ports[https][0]}}", 10));
+  var wsPort = getNormalizedPort(parseInt("{{ports[ws][0]}}", 10));
+  var wssPort = getNormalizedPort(parseInt("{{ports[wss][0]}}", 10));
+
+  var resourcePath = "/mixed-content/generic/expect.py";
+  var wsResourcePath = "/stash_responder";
+
+  // Map all endpoints to scenario for use in the test.
+  var endpoint = {
+    "same-origin":
+      location.origin + resourcePath,
+    "same-host-https":
+      httpsProtocol + "://" + sameOriginHost + httpsPort + resourcePath,
+    "same-host-http":
+      httpProtocol + "://" + sameOriginHost + httpPort + resourcePath,
+    "cross-origin-https":
+      httpsProtocol + "://" + crossOriginHost + httpsPort + resourcePath,
+    "cross-origin-http":
+      httpProtocol + "://" + crossOriginHost + httpPort + resourcePath,
+    "same-host-wss":
+      wssProtocol + "://" + sameOriginHost + wssPort + wsResourcePath,
+    "same-host-ws":
+      wsProtocol + "://" + sameOriginHost + wsPort + wsResourcePath,
+    "cross-origin-wss":
+      wssProtocol + "://" + crossOriginHost + wssPort + wsResourcePath,
+    "cross-origin-ws":
+      wsProtocol + "://" + crossOriginHost + wsPort + wsResourcePath
+  };
+
+  // Mapping all the resource requesting methods to the scenario.
+  var resourceMap = {
+    "a-tag": requestViaAnchor,
+    "area-tag": requestViaArea,
+    "fetch-request": requestViaFetch,
+    "form-tag": requestViaForm,
+    "iframe-tag": requestViaIframe,
+    "img-tag":  requestViaImage,
+    "script-tag": requestViaScript,
+    "worker-request": requestViaWorker,
+    "xhr-request": requestViaXhr,
+    "audio-tag": requestViaAudio,
+    "video-tag": requestViaVideo,
+    "picture-tag": requestViaPicture,
+    "object-tag": requestViaObject,
+    "link-css-tag": requestViaLinkStylesheet,
+    "link-prefetch-tag": requestViaLinkPrefetch,
+    "websocket-request": requestViaWebSocket
+  };
+
+  sanityChecker.checkScenario(scenario, resourceMap);
+
+  // Mapping all expected MIME types to the scenario.
+  var contentType = {
+    "a-tag": "text/html",
+    "area-tag": "text/html",
+    "fetch-request": "application/json",
+    "form-tag": "text/html",
+    "iframe-tag": "text/html",
+    "img-tag":  "image/png",
+    "script-tag": "text/javascript",
+    "worker-request": "application/javascript",
+    "xhr-request": "application/json",
+    "audio-tag": "audio/mpeg",
+    "video-tag": "video/mp4",
+    "picture-tag": "image/png",
+    "object-tag": "text/html",
+    "link-css-tag": "text/css",
+    "link-prefetch-tag": "text/html",
+    "websocket-request": "application/json"
+  };
+
+  var mixed_content_test = async_test(description);
+
+  function runTest() {
+    sanityChecker.setFailTimeout(mixed_content_test);
+
+    var key = guid();
+    var value = guid();
+    // We use the same path for both HTTP/S and WS/S stash requests.
+    var stash_path = encodeURIComponent("/mixed-content");
+    var announceResourceRequestUrl = endpoint['same-origin'] +
+                                     "?action=put&key=" + key +
+                                     "&value=" + value +
+                                     "&path=" + stash_path;
+    var assertResourceRequestUrl = endpoint['same-origin'] +
+                                  "?action=take&key=" + key +
+                                  "&path=" + stash_path;
+    var resourceRequestUrl = endpoint[scenario.origin] + "?redirection=" +
+                             scenario.redirection + "&action=purge&key=" + key +
+                             "&path=" + stash_path + "&content_type=" +
+                             contentType[scenario.subresource];
+
+    xhrRequest(announceResourceRequestUrl)
+      .then(function(response) {
+        // Send out the real resource request.
+        // This should tear down the key if it's not blocked.
+        return resourceMap[scenario.subresource](resourceRequestUrl);
+      })
+      .then(function() {
+        mixed_content_test.step(function() {
+          assert_equals("allowed", scenario.expectation,
+                        "The triggered event should match '" +
+                        scenario.expectation + "'.");
+        }, "Check if success event was triggered.");
+
+        // Send request to check if the key has been torn down.
+        return xhrRequest(assertResourceRequestUrl);
+      }, function(error) {
+        mixed_content_test.step(function() {
+          assert_equals("blocked", scenario.expectation,
+                        "The triggered event should match '" +
+                        scenario.expectation + "'.");
+          // TODO(kristijanburnik): param "error" can be an event or error.
+          // Map assertion by resource.
+          // e.g.: assert_equals(e.type, "error");
+        }, "Check if error event was triggered.");
+
+        // When requestResource fails, we also check the key state.
+        return xhrRequest(assertResourceRequestUrl);
+      })
+      .then(function(response) {
+         // Now check if the value has been torn down. If it's still there,
+         // we have blocked the request to mixed-content.
+         mixed_content_test.step(function() {
+           assert_equals(response.status, scenario.expectation,
+                  "The resource request should be '" + scenario.expectation +
+                  "'.");
+         }, "Check if request was sent.");
+         mixed_content_test.done();
+      });
+
+  }  // runTest
+
+  return {start: runTest};
+}  // MixedContentTestCase
diff --git a/testing/web-platform/tests/mixed-content/generic/sanity-checker.js b/testing/web-platform/tests/mixed-content/generic/sanity-checker.js
new file mode 100644
index 000000000..55a103adf
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/sanity-checker.js
@@ -0,0 +1,53 @@
+// The SanityChecker is used in debug mode to identify problems with the
+// structure of the testsuite and to force early test failures.
+// In release mode it is mocked out to do nothing.
+function SanityChecker()  {}
+
+SanityChecker.prototype.checkScenario = function(scenario, resourceInvoker) {
+  // Check if scenario is valid.
+  test(function() {
+    var expectedFields = SPEC_JSON["test_expansion_schema"];
+
+    for (var field in expectedFields) {
+      if (field == "expansion")
+        continue
+
+      assert_own_property(scenario, field,
+                          "The scenario should contain field '" + field + "'.")
+
+      var expectedFieldList = expectedFields[field];
+      if (!expectedFieldList.hasOwnProperty('length')) {
+        var expectedFieldList = [];
+        for (var key in expectedFields[field]) {
+          expectedFieldList = expectedFieldList.concat(expectedFields[field][key])
+        }
+      }
+      assert_in_array(scenario[field], expectedFieldList,
+                      "Scenario's " + field + " is one of: " +
+                      expectedFieldList.join(", ")) + "."
+    }
+
+    // Check if the protocol is matched.
+    assert_equals(scenario["source_scheme"] + ":", location.protocol,
+                  "Protocol of the test page should match the scenario.")
+
+    assert_own_property(resourceInvoker, scenario.subresource,
+                        "Subresource should be supported");
+
+  }, "[MixedContentTestCase] The test scenario should be valid.");
+}
+
+// For easier debugging runs, we can fail a test earlier.
+SanityChecker.prototype.setFailTimeout = function(test, timeout) {
+  // Due to missing implementations, tests time out, so we fail them early.
+  // TODO(kristijanburnik): Once WPT rolled in:
+  //   https://github.com/w3c/testharness.js/pull/127
+  // Refactor to make use of step_timeout.
+  setTimeout(function() {
+    test.step(function() {
+      assert_equals(test.phase, test.phases.COMPLETE,
+                    "Expected test to complete.");
+      test.done();
+    })
+  }, timeout || 1000);
+}
diff --git a/testing/web-platform/tests/mixed-content/generic/template/disclaimer.template b/testing/web-platform/tests/mixed-content/generic/template/disclaimer.template
new file mode 100644
index 000000000..66c43ed6f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/disclaimer.template
@@ -0,0 +1 @@
+<!-- DO NOT EDIT! Generated by %(generating_script_filename)s using %(html_template_filename)s. -->
diff --git a/testing/web-platform/tests/mixed-content/generic/template/spec_json.js.template b/testing/web-platform/tests/mixed-content/generic/template/spec_json.js.template
new file mode 100644
index 000000000..e4cbd0342
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/spec_json.js.template
@@ -0,0 +1 @@
+var SPEC_JSON = %(spec_json)s;
diff --git a/testing/web-platform/tests/mixed-content/generic/template/test.debug.html.template b/testing/web-platform/tests/mixed-content/generic/template/test.debug.html.template
new file mode 100644
index 000000000..013bb6250
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/test.debug.html.template
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+%(generated_disclaimer)s
+<html>
+  <head>
+    <title>Mixed-Content: %(spec_title)s</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="%(spec_description)s">
+    <meta name="assert" content="%(test_description)s">%(meta_opt_in)s
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <!-- Common global functions for mixed-content tests. -->
+    <script src="/mixed-content/generic/common.js"></script>
+    <!-- The original specification JSON for validating the scenario. -->
+    <script src="/mixed-content/spec_json.js"></script>
+    <!-- Internal checking of the tests -->
+    <script src="/mixed-content/generic/sanity-checker.js"></script>
+    <!-- Simple wrapper API for all mixed-content test cases. -->
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <h1>%(spec_title)s</h1>
+    <h2>%(spec_description)s</h2>
+    <pre>%(test_description)s</pre>
+
+    <p>See <a href="%(spec_specification_url)s" target="_blank">specification</a>
+       details for this test.</p>
+
+    <div id="log"></div>
+    <script>%(test_js)s</script>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/generic/template/test.js.template b/testing/web-platform/tests/mixed-content/generic/template/test.js.template
new file mode 100644
index 000000000..b8c0769fc
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/test.js.template
@@ -0,0 +1,13 @@
+MixedContentTestCase(
+  {
+    "opt_in_method": "%(opt_in_method)s",
+    "origin": "%(origin)s",
+    "source_scheme": "%(source_scheme)s",
+    "context_nesting": "%(context_nesting)s",
+    "redirection": "%(redirection)s",
+    "subresource": "%(subresource)s",
+    "expectation": "%(expectation)s"
+  },
+  document.querySelector("meta[name=assert]").content,
+  new SanityChecker()
+).start();
diff --git a/testing/web-platform/tests/mixed-content/generic/template/test.release.html.template b/testing/web-platform/tests/mixed-content/generic/template/test.release.html.template
new file mode 100644
index 000000000..ca77389cc
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/test.release.html.template
@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+%(generated_disclaimer)s
+<html>
+  <head>
+    <title>Mixed-Content: %(spec_title)s</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="%(spec_description)s">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="%(spec_specification_url)s">
+    <meta name="assert" content="%(test_description)s">%(meta_opt_in)s
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>%(test_js)s</script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/generic/template/test_description.template b/testing/web-platform/tests/mixed-content/generic/template/test_description.template
new file mode 100644
index 000000000..33dbcaa05
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/template/test_description.template
@@ -0,0 +1,7 @@
+opt_in_method: %(opt_in_method)s
+origin: %(origin)s
+source_scheme: %(source_scheme)s
+context_nesting: %(context_nesting)s
+redirection: %(redirection)s
+subresource: %(subresource)s
+expectation: %(expectation)s
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/__init__.py b/testing/web-platform/tests/mixed-content/generic/tools/__init__.py
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/__init__.py
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/clean.py b/testing/web-platform/tests/mixed-content/generic/tools/clean.py
new file mode 100755
index 000000000..9416f0b5b
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/clean.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env python
+
+import os, json
+from common_paths import *
+import spec_validator
+
+def rmtree(top):
+    top = os.path.abspath(top)
+    assert top != os.path.expanduser("~")
+    assert len(top) > len(os.path.expanduser("~"))
+    assert "web-platform-tests" in top
+    assert "mixed-content" in top
+
+    for root, dirs, files in os.walk(top, topdown=False):
+        for name in files:
+            os.remove(os.path.join(root, name))
+        for name in dirs:
+            os.rmdir(os.path.join(root, name))
+
+    os.rmdir(top)
+
+def main():
+    spec_json = load_spec_json();
+    spec_validator.assert_valid_spec_json(spec_json)
+
+    for spec in spec_json['specification']:
+        generated_dir = os.path.join(spec_directory, spec["name"])
+        if (os.path.isdir(generated_dir)):
+            rmtree(generated_dir)
+
+    if (os.path.isfile(generated_spec_json_filename)):
+        os.remove(generated_spec_json_filename)
+
+if __name__ == '__main__':
+    main()
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/common_paths.py b/testing/web-platform/tests/mixed-content/generic/tools/common_paths.py
new file mode 100644
index 000000000..5c2807d28
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/common_paths.py
@@ -0,0 +1,58 @@
+import os, sys, json, re
+
+script_directory = os.path.dirname(os.path.abspath(__file__))
+generic_directory = os.path.abspath(os.path.join(script_directory, '..'))
+
+template_directory = os.path.abspath(os.path.join(script_directory,
+                                                  '..',
+                                                  'template'))
+spec_directory = os.path.abspath(os.path.join(script_directory, '..', '..'))
+test_root_directory = os.path.abspath(os.path.join(script_directory,
+                                                   '..', '..', '..'))
+
+spec_filename = os.path.join(spec_directory, "spec.src.json")
+generated_spec_json_filename = os.path.join(spec_directory, "spec_json.js")
+
+selection_pattern = '%(opt_in_method)s/' + \
+                    '%(origin)s/' + \
+                    '%(subresource)s/' + \
+                    '%(context_nesting)s/' + \
+                    '%(redirection)s/'
+
+test_file_path_pattern = '%(spec_name)s/' + selection_pattern + \
+                         '%(name)s.%(source_scheme)s.html'
+
+
+def get_template(basename):
+    with open(os.path.join(template_directory, basename), "r") as f:
+        return f.read()
+
+
+def write_file(filename, contents):
+    with open(filename, "w") as f:
+        f.write(contents)
+
+
+def read_nth_line(fp, line_number):
+  fp.seek(0)
+  for i, line in enumerate(fp):
+    if (i + 1) == line_number:
+      return line
+
+
+def load_spec_json(path_to_spec = None):
+    if path_to_spec is None:
+      path_to_spec = spec_filename
+
+    re_error_location = re.compile('line ([0-9]+) column ([0-9]+)')
+    with open(path_to_spec, "r") as f:
+        try:
+          return json.load(f)
+        except ValueError, ex:
+          print ex.message
+          match = re_error_location.search(ex.message)
+          if match:
+            line_number, column = int(match.group(1)), int(match.group(2))
+            print read_nth_line(f, line_number).rstrip()
+            print " " * (column - 1) + "^"
+          sys.exit(1)
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/generate.py b/testing/web-platform/tests/mixed-content/generic/tools/generate.py
new file mode 100755
index 000000000..6dcaebdc3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/generate.py
@@ -0,0 +1,157 @@
+#!/usr/bin/env python
+
+import os, sys, json
+from common_paths import *
+import spec_validator
+import argparse
+
+
+def expand_pattern(expansion_pattern, test_expansion_schema):
+    expansion = {}
+    for artifact_key in expansion_pattern:
+        artifact_value = expansion_pattern[artifact_key]
+        if artifact_value == '*':
+            expansion[artifact_key] = test_expansion_schema[artifact_key]
+        elif isinstance(artifact_value, list):
+            expansion[artifact_key] = artifact_value
+        elif isinstance(artifact_value, dict):
+            # Flattened expansion.
+            expansion[artifact_key] = []
+            values_dict = expand_pattern(artifact_value,
+                                         test_expansion_schema[artifact_key])
+            for sub_key in values_dict.keys():
+                expansion[artifact_key] += values_dict[sub_key]
+        else:
+            expansion[artifact_key] = [artifact_value]
+
+    return expansion
+
+
+def permute_expansion(expansion, artifact_order, selection = {}, artifact_index = 0):
+    assert isinstance(artifact_order, list), "artifact_order should be a list"
+
+    if artifact_index >= len(artifact_order):
+        yield selection
+        return
+
+    artifact_key = artifact_order[artifact_index]
+
+    for artifact_value in expansion[artifact_key]:
+        selection[artifact_key] = artifact_value
+        for next_selection in permute_expansion(expansion,
+                                                artifact_order,
+                                                selection,
+                                                artifact_index + 1):
+            yield next_selection
+
+
+def generate_selection(selection, spec, test_html_template_basename):
+    selection['spec_name'] = spec['name']
+    selection['spec_title'] = spec['title']
+    selection['spec_description'] = spec['description']
+    selection['spec_specification_url'] = spec['specification_url']
+
+    test_filename = test_file_path_pattern % selection
+    test_headers_filename = test_filename + ".headers"
+    test_directory = os.path.dirname(test_filename)
+    full_path = os.path.join(spec_directory, test_directory)
+
+    test_html_template = get_template(test_html_template_basename)
+    test_js_template = get_template("test.js.template")
+    disclaimer_template = get_template('disclaimer.template')
+    test_description_template = get_template("test_description.template")
+
+    html_template_filename = os.path.join(template_directory,
+                                          test_html_template_basename)
+    generated_disclaimer = disclaimer_template \
+        % {'generating_script_filename': os.path.relpath(__file__,
+           test_root_directory),
+           'html_template_filename': os.path.relpath(html_template_filename,
+           test_root_directory)}
+
+    selection['generated_disclaimer'] = generated_disclaimer.rstrip()
+    test_description_template = \
+        test_description_template.rstrip().replace("\n", "\n" + " " * 33)
+    selection['test_description'] = test_description_template % selection
+
+    # Adjust the template for the test invoking JS. Indent it to look nice.
+    indent = "\n" + " " * 6;
+    test_js_template = indent + test_js_template.replace("\n", indent);
+    selection['test_js'] = test_js_template % selection
+
+    # Directory for the test files.
+    try:
+        os.makedirs(full_path)
+    except:
+        pass
+
+    # TODO(kristijanburnik): Implement the opt-in-method here.
+    opt_in_method = selection['opt_in_method']
+    selection['meta_opt_in'] = ''
+    if opt_in_method == 'meta-csp':
+        selection['meta_opt_in'] = '\n    <meta http-equiv="Content-Security-Policy" ' + \
+                                   'content="block-all-mixed-content">'
+    elif opt_in_method == 'http-csp':
+        opt_in_headers = "Content-Security-Policy: block-all-mixed-content\n"
+        write_file(test_headers_filename, opt_in_headers)
+    elif opt_in_method == 'no-opt-in':
+        pass
+    else:
+        raise ValueError("Invalid opt_in_method %s" % opt_in_method)
+
+    # Write out the generated HTML file.
+    write_file(test_filename, test_html_template % selection)
+
+def generate_test_source_files(spec_json, target):
+    test_expansion_schema = spec_json['test_expansion_schema']
+    specification = spec_json['specification']
+
+    spec_json_js_template = get_template('spec_json.js.template')
+    write_file(generated_spec_json_filename,
+               spec_json_js_template % {'spec_json': json.dumps(spec_json)})
+
+    # Choose a debug/release template depending on the target.
+    html_template = "test.%s.html.template" % target
+
+    artifact_order = test_expansion_schema.keys() + ['name']
+
+    # Create list of excluded tests.
+    exclusion_dict = {}
+    for excluded_pattern in spec_json['excluded_tests']:
+        excluded_expansion = \
+            expand_pattern(excluded_pattern,
+                                          test_expansion_schema)
+        for excluded_selection in permute_expansion(excluded_expansion, artifact_order):
+            excluded_selection_path = selection_pattern % excluded_selection
+            exclusion_dict[excluded_selection_path] = True
+
+    for spec in specification:
+        for expansion_pattern in spec['test_expansion']:
+            expansion = expand_pattern(expansion_pattern,
+                                                      test_expansion_schema)
+            for selection in permute_expansion(expansion, artifact_order):
+                selection_path = selection_pattern % selection
+                if not selection_path in exclusion_dict:
+                    generate_selection(selection,
+                                       spec,
+                                       html_template)
+                else:
+                    print 'Excluding selection:', selection_path
+
+
+def main(target, spec_filename):
+    spec_json = load_spec_json(spec_filename);
+    spec_validator.assert_valid_spec_json(spec_json)
+    generate_test_source_files(spec_json, target)
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description='Test suite generator utility')
+    parser.add_argument('-t', '--target', type = str,
+        choices = ("release", "debug"), default = "release",
+        help = 'Sets the appropriate template for generating tests')
+    parser.add_argument('-s', '--spec', type = str, default = None,
+        help = 'Specify a file used for describing and generating the tests')
+    # TODO(kristijanburnik): Add option for the spec_json file.
+    args = parser.parse_args()
+    main(args.target, args.spec)
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/regenerate b/testing/web-platform/tests/mixed-content/generic/tools/regenerate
new file mode 100755
index 000000000..e6bd63519
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/regenerate
@@ -0,0 +1,3 @@
+#!/bin/bash
+DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
+python $DIR/clean.py && python $DIR/generate.py
diff --git a/testing/web-platform/tests/mixed-content/generic/tools/spec_validator.py b/testing/web-platform/tests/mixed-content/generic/tools/spec_validator.py
new file mode 100755
index 000000000..a6acc1040
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/tools/spec_validator.py
@@ -0,0 +1,159 @@
+#!/usr/bin/env python
+
+import json, sys
+from common_paths import *
+
+def assert_non_empty_string(obj, field):
+    assert field in obj, 'Missing field "%s"' % field
+    assert isinstance(obj[field], basestring), \
+        'Field "%s" must be a string' % field
+    assert len(obj[field]) > 0, 'Field "%s" must not be empty' % field
+
+
+def assert_non_empty_list(obj, field):
+    assert isinstance(obj[field], list), \
+        '%s must be a list' % field
+    assert len(obj[field]) > 0, \
+        '%s list must not be empty' % field
+
+
+def assert_non_empty_dict(obj, field):
+    assert isinstance(obj[field], dict), \
+        '%s must be a dict' % field
+    assert len(obj[field]) > 0, \
+        '%s dict must not be empty' % field
+
+
+def assert_contains(obj, field):
+    assert field in obj, 'Must contain field "%s"' % field
+
+
+def assert_string_from(obj, field, items):
+   assert obj[field] in items, \
+        'Field "%s" must be from: %s' % (field, str(items))
+
+
+def assert_string_or_list_items_from(obj, field, items):
+    if isinstance(obj[field], basestring):
+        assert_string_from(obj, field, items)
+        return
+
+    assert isinstance(obj[field], list), "%s must be a list!" % field
+    for allowed_value in obj[field]:
+        assert allowed_value != '*', "Wildcard is not supported for lists!"
+        assert allowed_value in items, \
+            'Field "%s" must be from: %s' % (field, str(items))
+
+
+def assert_contains_only_fields(obj, expected_fields):
+    for expected_field in expected_fields:
+        assert_contains(obj, expected_field)
+
+    for actual_field in obj:
+        assert actual_field in expected_fields, \
+                'Unexpected field "%s".' % actual_field
+
+
+def assert_value_unique_in(value, used_values):
+    assert value not in used_values, 'Duplicate value "%s"!' % str(value)
+    used_values[value] = True
+
+
+def assert_valid_artifact(exp_pattern, artifact_key, schema):
+    if isinstance(schema, list):
+        assert_string_or_list_items_from(exp_pattern, artifact_key,
+                                         ["*"] + schema)
+        return
+
+    for sub_artifact_key, sub_schema in schema.iteritems():
+        assert_valid_artifact(exp_pattern[artifact_key], sub_artifact_key,
+                              sub_schema)
+
+def validate(spec_json, details):
+    """ Validates the json specification for generating tests. """
+
+    details['object'] = spec_json
+    assert_contains_only_fields(spec_json, ["specification",
+                                            "test_expansion_schema",
+                                            "excluded_tests"])
+    assert_non_empty_list(spec_json, "specification")
+    assert_non_empty_dict(spec_json, "test_expansion_schema")
+    assert_non_empty_list(spec_json, "excluded_tests")
+
+    specification = spec_json['specification']
+    test_expansion_schema = spec_json['test_expansion_schema']
+    excluded_tests = spec_json['excluded_tests']
+
+    valid_test_expansion_fields = ['name'] + test_expansion_schema.keys()
+
+    # Validate each single spec.
+    for spec in specification:
+        details['object'] = spec
+
+        # Validate required fields for a single spec.
+        assert_contains_only_fields(spec, ['name',
+                                           'title',
+                                           'description',
+                                           'specification_url',
+                                           'test_expansion'])
+        assert_non_empty_string(spec, 'name')
+        assert_non_empty_string(spec, 'title')
+        assert_non_empty_string(spec, 'description')
+        assert_non_empty_string(spec, 'specification_url')
+        assert_non_empty_list(spec, 'test_expansion')
+
+        # Validate spec's test expansion.
+        used_spec_names = {}
+
+        for spec_exp in spec['test_expansion']:
+            details['object'] = spec_exp
+            assert_non_empty_string(spec_exp, 'name')
+             # The name is unique in same expansion group.
+            assert_value_unique_in((spec_exp['expansion'], spec_exp['name']),
+                                   used_spec_names)
+            assert_contains_only_fields(spec_exp, valid_test_expansion_fields)
+
+            for artifact in test_expansion_schema:
+                details['test_expansion_field'] = artifact
+                assert_valid_artifact(spec_exp, artifact,
+                                      test_expansion_schema[artifact])
+                del details['test_expansion_field']
+
+    # Validate the test_expansion schema members.
+    details['object'] = test_expansion_schema
+    assert_contains_only_fields(test_expansion_schema, ['expansion',
+                                                        'source_scheme',
+                                                        'opt_in_method',
+                                                        'context_nesting',
+                                                        'redirection',
+                                                        'subresource',
+                                                        'origin',
+                                                        'expectation'])
+    # Validate excluded tests.
+    details['object'] = excluded_tests
+    for excluded_test_expansion in excluded_tests:
+        assert_contains_only_fields(excluded_test_expansion,
+                                    valid_test_expansion_fields)
+
+
+    del details['object']
+
+
+def assert_valid_spec_json(spec_json):
+    error_details = {}
+    try:
+        validate(spec_json, error_details)
+    except AssertionError, err:
+        print 'ERROR:', err.message
+        print json.dumps(error_details, indent=4)
+        sys.exit(1)
+
+
+def main():
+    spec_json = load_spec_json();
+    assert_valid_spec_json(spec_json)
+    print "Spec JSON is valid."
+
+
+if __name__ == '__main__':
+    main()
diff --git a/testing/web-platform/tests/mixed-content/generic/worker.js b/testing/web-platform/tests/mixed-content/generic/worker.js
new file mode 100644
index 000000000..7e2168bcc
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/generic/worker.js
@@ -0,0 +1 @@
+postMessage('done');
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..ac620c107
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..abc81b301
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..27c67b081
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..1816b4231
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..509fc3475
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..61baeee79
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..743515ed3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..88a54250a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..2098a60b6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..029d34c4f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..c72ca267f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b50a7b70a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/cross-origin-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..5fd63aa6d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..e6f742213
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..522e94420
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/audio-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..ad615e9b2
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b6f92431a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..580f4b549
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/img-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..fa8bd8a1f
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..685f34582
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..ab0378461
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..8b64104bd
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/keep-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..abe3385b0
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..78d9f8d5d
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: http-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "http-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
new file mode 100644
index 000000000..46e2255e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/http-csp/same-host-http/video-tag/top-level/swap-scheme-redirect/opt-in-blocks.https.html.headers
@@ -0,0 +1 @@
+Content-Security-Policy: block-all-mixed-content
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..283c34207
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..684d2449a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..7f5cc2955
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..a181ecd38
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/cross-origin-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..1c65507b4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/audio-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..b05dff3b3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/img-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..28003d9a1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/link-prefetch-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
new file mode 100644
index 000000000..05f1890c9
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/meta-csp/same-host-http/video-tag/top-level/no-redirect/opt-in-blocks.https.html
@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: meta-csp
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: blocked">
+    <meta http-equiv="Content-Security-Policy" content="block-all-mixed-content">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "meta-csp",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "blocked"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..15fe5d2af
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..2da4a2b93
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..8b610ada7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..5a7bdc3b5
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..6c0a9f5e6
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..c9ffbfd0c
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..766298614
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..5bcce0017
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..312303234
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..561a2f7c1
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..e02134b4a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..f90575c13
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/cross-origin-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: cross-origin-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "cross-origin-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..cd4d8a52e
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..20d31cf69
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..2ed233dc8
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/audio-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: audio-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "audio-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..aab662fc3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..6f0a8fded
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..f55cce437
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/img-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: img-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "img-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..26c765720
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..582f6c63a
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..a7feabccb
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/link-prefetch-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: link-prefetch-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "link-prefetch-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..68bfc2b84
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/keep-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: keep-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "keep-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..2e5eff5a7
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/no-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: no-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "no-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
new file mode 100644
index 000000000..8c5bd7b08
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/optionally-blockable/no-opt-in/same-host-http/video-tag/top-level/swap-scheme-redirect/no-opt-in-allows.https.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.release.html.template. -->
+<html>
+  <head>
+    <title>Mixed-Content: Optionally-blockable content</title>
+    <meta charset='utf-8'>
+    <meta name="description" content="Test behavior of optionally-blockable content">
+    <link rel="author" title="Kristijan Burnik" href="burnik@chromium.org">
+    <link rel="help" href="http://www.w3.org/TR/mixed-content/#category-optionally-blockable">
+    <meta name="assert" content="opt_in_method: no-opt-in
+                                 origin: same-host-http
+                                 source_scheme: https
+                                 context_nesting: top-level
+                                 redirection: swap-scheme-redirect
+                                 subresource: video-tag
+                                 expectation: allowed">
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/mixed-content/generic/common.js"></script>
+    <script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script>
+  </head>
+  <body>
+    <script>
+      MixedContentTestCase(
+        {
+          "opt_in_method": "no-opt-in",
+          "origin": "same-host-http",
+          "source_scheme": "https",
+          "context_nesting": "top-level",
+          "redirection": "swap-scheme-redirect",
+          "subresource": "video-tag",
+          "expectation": "allowed"
+        },
+        document.querySelector("meta[name=assert]").content,
+        new SanityChecker()
+      ).start();
+      </script>
+    <div id="log"></div>
+  </body>
+</html>
diff --git a/testing/web-platform/tests/mixed-content/spec.src.json b/testing/web-platform/tests/mixed-content/spec.src.json
new file mode 100644
index 000000000..3f1540ab4
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/spec.src.json
@@ -0,0 +1,258 @@
+{
+  "specification": [
+    {
+      "name": "optionally-blockable",
+      "title": "Optionally-blockable content",
+      "description": "Test behavior of optionally-blockable content",
+      "specification_url": "http://www.w3.org/TR/mixed-content/#category-optionally-blockable",
+      "test_expansion": [
+        {
+          "name": "opt-in-blocks",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": ["http-csp", "meta-csp"],
+          "context_nesting": "top-level",
+          "redirection": "*",
+          "subresource": {
+            "blockable": [],
+            "optionally-blockable": "*"
+          },
+          "origin": ["cross-origin-http", "same-host-http"],
+          "expectation": "blocked"
+        },
+        {
+          "name": "no-opt-in-allows",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": "no-opt-in",
+          "context_nesting": "top-level",
+          "redirection": "*",
+          "subresource": {
+            "blockable": [],
+            "optionally-blockable": "*"
+          },
+          "origin": ["cross-origin-http", "same-host-http"],
+          "expectation": "allowed"
+        }
+      ]
+    },
+    {
+      "name": "blockable",
+      "title": "Blockable content",
+      "description": "Test behavior of blockable content.",
+      "specification_url": "http://www.w3.org/TR/mixed-content/#category-blockable",
+      "test_expansion": [
+        {
+          "name": "opt-in-blocks",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": ["http-csp", "meta-csp"],
+          "context_nesting": "top-level",
+          "redirection": "*",
+          "subresource": {
+            "blockable": "*",
+            "optionally-blockable": []
+          },
+          "origin": ["cross-origin-http", "same-host-http"],
+          "expectation": "blocked"
+        },
+        {
+          "name": "no-opt-in-blocks",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": "no-opt-in",
+          "context_nesting": "top-level",
+          "redirection": "*",
+          "subresource": {
+            "blockable": "*",
+            "optionally-blockable": []
+          },
+          "origin": ["cross-origin-http", "same-host-http"],
+          "expectation": "blocked"
+        },
+        {
+          "name": "ws-downgrade-blocks",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": ["no-opt-in", "http-csp", "meta-csp"],
+          "context_nesting": "top-level",
+          "redirection": "*",
+          "subresource": {
+            "blockable": "websocket-request",
+            "optionally-blockable": []
+          },
+          "origin": ["cross-origin-ws", "same-host-ws"],
+          "expectation": "blocked"
+        }
+      ]
+    },
+    {
+      "name": "allowed",
+      "title": "Allowed content",
+      "description": "Test behavior of allowed content.",
+      "specification_url": "http://www.w3.org/TR/mixed-content/",
+      "test_expansion": [
+        {
+          "name": "allowed",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": "*",
+          "context_nesting": "top-level",
+          "redirection": ["no-redirect", "keep-scheme-redirect"],
+          "subresource": {
+            "blockable": "*",
+            "optionally-blockable": "*"
+          },
+          "origin": ["same-host-https"],
+          "expectation": "allowed"
+        },
+        {
+          "name": "websocket-allowed",
+          "expansion": "default",
+          "source_scheme": "https",
+          "opt_in_method": "*",
+          "context_nesting": "top-level",
+          "redirection": ["no-redirect", "keep-scheme-redirect"],
+          "subresource": {
+            "blockable": "websocket-request",
+            "optionally-blockable": []
+          },
+          "origin": ["same-host-wss"],
+          "expectation": "allowed"
+        }
+      ]
+    }
+  ],
+
+  "excluded_tests": [
+    {
+      "name": "Redundant-subresources",
+      "expansion": "*",
+      "source_scheme": "*",
+      "opt_in_method": "*",
+      "context_nesting": "*",
+      "redirection": "*",
+      "subresource": {
+        "blockable": [
+          "a-tag"
+        ],
+        "optionally-blockable": []
+      },
+      "origin": "*",
+      "expectation": "*"
+    },
+    {
+      "name": "Skip-origins-not-applicable-to-websockets",
+      "expansion": "*",
+      "source_scheme": "*",
+      "opt_in_method": "*",
+      "context_nesting": "*",
+      "redirection": "*",
+      "subresource": {
+        "blockable": [
+          "websocket-request"
+        ],
+        "optionally-blockable": []
+      },
+      "origin": [
+        "same-host-https",
+        "same-host-http",
+        "cross-origin-https",
+        "cross-origin-http"
+      ],
+      "expectation": "*"
+    },
+    {
+      "name": "TODO-opt-in-method-img-cross-origin",
+      "expansion": "*",
+      "source_scheme": "*",
+      "opt_in_method": "img-crossorigin",
+      "context_nesting": "*",
+      "redirection": "*",
+      "subresource": {
+        "blockable": "*",
+        "optionally-blockable": "*"
+      },
+      "origin": "*",
+      "expectation": "*"
+    },
+    {
+      "name": "Skip-redundant-for-opt-in-method",
+      "expansion": "*",
+      "source_scheme": "*",
+      "opt_in_method":  [
+        "meta-csp",
+        "img-crossorigin"
+      ],
+      "context_nesting": "*",
+      "redirection": ["keep-scheme-redirect", "swap-scheme-redirect"],
+      "subresource": {
+        "blockable": "*",
+        "optionally-blockable": "*"
+      },
+      "origin": "*",
+      "expectation": "*"
+    }
+  ],
+
+  "test_expansion_schema": {
+    "expansion": [
+      "default",
+      "override"
+    ],
+    "source_scheme": [
+      "http",
+      "https"
+    ],
+    "opt_in_method": [
+      "no-opt-in",
+      "http-csp",
+      "meta-csp",
+      "img-crossorigin"
+    ],
+    "redirection": [
+      "no-redirect",
+      "keep-scheme-redirect",
+      "swap-scheme-redirect"
+    ],
+    "context_nesting": [
+      "top-level",
+      "sub-level"
+    ],
+    "origin": [
+      "same-host-https",
+      "same-host-http",
+      "cross-origin-https",
+      "cross-origin-http",
+      "same-host-wss",
+      "same-host-ws",
+      "cross-origin-wss",
+      "cross-origin-ws"
+    ],
+    "subresource": {
+      "blockable": [
+        "iframe-tag",
+        "script-tag",
+        "link-css-tag",
+        "form-tag",
+        "xhr-request",
+        "worker-request",
+        "fetch-request",
+        "a-tag",
+        "object-tag",
+        "picture-tag",
+        "websocket-request"
+      ],
+      "optionally-blockable": [
+        "img-tag",
+        "audio-tag",
+        "video-tag",
+        "link-prefetch-tag"
+      ]
+    },
+    "expectation": [
+      "allowed",
+      "blocked"
+    ]
+  }
+}
diff --git a/testing/web-platform/tests/mixed-content/spec_json.js b/testing/web-platform/tests/mixed-content/spec_json.js
new file mode 100644
index 000000000..5de1b17e3
--- /dev/null
+++ b/testing/web-platform/tests/mixed-content/spec_json.js
@@ -0,0 +1 @@
+var SPEC_JSON = {"test_expansion_schema": {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http", "same-host-wss", "same-host-ws", "cross-origin-wss", "cross-origin-ws"], "subresource": {"blockable": ["iframe-tag", "script-tag", "link-css-tag", "form-tag", "xhr-request", "worker-request", "fetch-request", "a-tag", "object-tag", "picture-tag", "websocket-request"], "optionally-blockable": ["img-tag", "audio-tag", "video-tag", "link-prefetch-tag"]}, "context_nesting": ["top-level", "sub-level"], "expectation": ["allowed", "blocked"], "expansion": ["default", "override"], "redirection": ["no-redirect", "keep-scheme-redirect", "swap-scheme-redirect"], "opt_in_method": ["no-opt-in", "http-csp", "meta-csp", "img-crossorigin"], "source_scheme": ["http", "https"]}, "specification": [{"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-allows", "redirection": "*", "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": [], "optionally-blockable": "*"}}], "description": "Test behavior of optionally-blockable content", "specification_url": "http://www.w3.org/TR/mixed-content/#category-optionally-blockable", "name": "optionally-blockable", "title": "Optionally-blockable content"}, {"test_expansion": [{"origin": ["cross-origin-http", "same-host-http"], "name": "opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-http", "same-host-http"], "name": "no-opt-in-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "no-opt-in", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": []}}, {"origin": ["cross-origin-ws", "same-host-ws"], "name": "ws-downgrade-blocks", "redirection": "*", "expectation": "blocked", "expansion": "default", "context_nesting": "top-level", "opt_in_method": ["no-opt-in", "http-csp", "meta-csp"], "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of blockable content.", "specification_url": "http://www.w3.org/TR/mixed-content/#category-blockable", "name": "blockable", "title": "Blockable content"}, {"test_expansion": [{"origin": ["same-host-https"], "name": "allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": ["same-host-wss"], "name": "websocket-allowed", "redirection": ["no-redirect", "keep-scheme-redirect"], "expectation": "allowed", "expansion": "default", "context_nesting": "top-level", "opt_in_method": "*", "source_scheme": "https", "subresource": {"blockable": "websocket-request", "optionally-blockable": []}}], "description": "Test behavior of allowed content.", "specification_url": "http://www.w3.org/TR/mixed-content/", "name": "allowed", "title": "Allowed content"}], "excluded_tests": [{"origin": "*", "name": "Redundant-subresources", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["a-tag"], "optionally-blockable": []}}, {"origin": ["same-host-https", "same-host-http", "cross-origin-https", "cross-origin-http"], "name": "Skip-origins-not-applicable-to-websockets", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "*", "source_scheme": "*", "subresource": {"blockable": ["websocket-request"], "optionally-blockable": []}}, {"origin": "*", "name": "TODO-opt-in-method-img-cross-origin", "redirection": "*", "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": "img-crossorigin", "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}, {"origin": "*", "name": "Skip-redundant-for-opt-in-method", "redirection": ["keep-scheme-redirect", "swap-scheme-redirect"], "expectation": "*", "expansion": "*", "context_nesting": "*", "opt_in_method": ["meta-csp", "img-crossorigin"], "source_scheme": "*", "subresource": {"blockable": "*", "optionally-blockable": "*"}}]};