[Site Isolation] Begin unskipping tests in http/tests/security

https://bugs.webkit.org/show_bug.cgi?id=271350 Reviewed by Alex Christensen. * LayoutTests/platform/mac-site-isolation/TestExpectations: Canonical link: https://commits.webkit.org/276438@main
WebKit · Mar 21, 2024 · 18d622f · 18d622f
1 parent 09c434a
commit 18d622f
Showing 1 changed file with 246 additions and 1 deletion.
diff --git a/LayoutTests/platform/mac-site-isolation/TestExpectations b/LayoutTests/platform/mac-site-isolation/TestExpectations
@@ -97,7 +97,23 @@ http/tests/referrer-policy-script [ Skip ]
 http/tests/resourceLoadStatistics [ Skip ]
 http/tests/resources [ Skip ]
 http/tests/scroll-to-text-fragment [ Skip ]
-http/tests/security [ Skip ]
+http/tests/security/401-logout [ Skip ]
+http/tests/security/aboutBlank [ Skip ]
+http/tests/security/clipboard [ Skip ]
+http/tests/security/contentSecurityPolicy [ Skip ]
+http/tests/security/contentTypeOptions [ Skip ]
+http/tests/security/cookies [ Skip ]
+http/tests/security/dataURL [ Skip ]
+http/tests/security/frameNavigation [ Skip ]
+http/tests/security/http-0.9 [ Skip ]
+http/tests/security/isolatedWorld [ Skip ]
+http/tests/security/javascriptURL [ Skip ]
+http/tests/security/listener [ Skip ]
+http/tests/security/MessagePort [ Skip ]
+http/tests/security/mixedContent [ Skip ]
+http/tests/security/originHeader [ Skip ]
+http/tests/security/postMessage [ Skip ]
+http/tests/security/XFrameOptions [ Skip ]
 http/tests/site [ Skip ]-isolation
 http/tests/ssl [ Skip ]
 http/tests/storage [ Skip ]
@@ -178,6 +194,11 @@ workers [ Skip ]
 ####################
 # Tests that crash #
 ####################
+http/tests/security/data-url-host.html [ Skip ]
+http/tests/security/detached-sandboxed-frame-access.html [ Skip ]
+http/tests/security/navigate-when-restoring-cached-page.html [ Skip ]
+http/tests/security/service-worker-network-load.html [ Skip ]
+http/tests/security/xss-DENIED-iframe-src-alias.html [ Skip ]
 http/tests/site-isolation/frame-access-after-window-open.html [ Skip ]
 http/tests/site-isolation/iframe-and-window-open.html [ Skip ]
 http/tests/site-isolation/window-open-with-name.html [ Skip ]
@@ -191,6 +212,133 @@ http/tests/loading/main-resource-delegates-on-back-navigation.html [ Skip ]
 http/tests/loading/sizes/preload-image-sizes-2x.html [ Skip ]
 http/tests/loading/unfinished-load-back-to-cached-page-callbacks.html [ Skip ]
 http/tests/loading/unfinished-main-resource-back-to-cached-page-callbacks.html [ Skip ]
+http/tests/security/allow-top-level-navigations-by-third-party-iframes-to-same-origin.html [ Skip ]
+http/tests/security/anchor-download-allow-blob.html [ Skip ]
+http/tests/security/anchor-download-allow-data.html [ Skip ]
+http/tests/security/anchor-download-allow-sameorigin.html [ Skip ]
+http/tests/security/anchor-download-block-crossorigin.html [ Skip ]
+http/tests/security/anchor-download-octet-stream-no-extension.html [ Skip ]
+http/tests/security/beforeload-iframe-client-redirect.html [ Skip ]
+http/tests/security/beforeload-iframe-server-redirect.html [ Skip ]
+http/tests/security/bypassing-cors-checks-for-extension-urls.html [ Skip ]
+http/tests/security/canvas-cors-with-two-hosts.html [ Skip ]
+http/tests/security/canvas-remote-read-remote-video-allowed-anonymous.html [ Skip ]
+http/tests/security/canvas-remote-read-remote-video-allowed-redirect.html [ Skip ]
+http/tests/security/canvas-remote-read-remote-video-allowed-with-credentials.html [ Skip ]
+http/tests/security/canvas-remote-read-remote-video-blocked-no-crossorigin.html [ Skip ]
+http/tests/security/clean-origin-css-exposed-resource-timing.html [ Skip ]
+http/tests/security/cookie-module-import-propagate.html [ Skip ]
+http/tests/security/cookie-module-propagate.html [ Skip ]
+http/tests/security/cookie-module.html [ Skip ]
+http/tests/security/cors-post-redirect-301.html [ Skip ]
+http/tests/security/cors-post-redirect-302.html [ Skip ]
+http/tests/security/cors-post-redirect-303.html [ Skip ]
+http/tests/security/cors-post-redirect-307-pson.html [ Skip ]
+http/tests/security/cors-post-redirect-307.html [ Skip ]
+http/tests/security/cors-post-redirect-308.html [ Skip ]
+http/tests/security/credentials-from-different-domains.html [ Skip ]
+http/tests/security/credentials-iframes.html [ Skip ]
+http/tests/security/cross-frame-access-delete.html [ Skip ]
+http/tests/security/cross-frame-access-location-put.html [ Skip ]
+http/tests/security/cross-frame-access-object-prototype.html [ Skip ]
+http/tests/security/cross-frame-access-private-browsing.html [ Skip ]
+http/tests/security/cross-origin-blob-transfer.html [ Skip ]
+http/tests/security/cross-origin-clean-css-resource-timing.html [ Skip ]
+http/tests/security/cross-origin-css-1.html [ Skip ]
+http/tests/security/cross-origin-css-2.html [ Skip ]
+http/tests/security/cross-origin-css-3.html [ Skip ]
+http/tests/security/cross-origin-css-4.html [ Skip ]
+http/tests/security/cross-origin-css-5.html [ Skip ]
+http/tests/security/cross-origin-css-6.html [ Skip ]
+http/tests/security/cross-origin-css-7.html [ Skip ]
+http/tests/security/cross-origin-css-8.html [ Skip ]
+http/tests/security/cross-origin-css-9.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-1.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-2.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-3.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-4.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-5.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-6.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-7.html [ Skip ]
+http/tests/security/cross-origin-css-in-quirks-8.html [ Skip ]
+http/tests/security/cross-origin-css-resource-timing.html [ Skip ]
+http/tests/security/cross-origin-descriptors.html [ Skip ]
+http/tests/security/cross-origin-js-prompt-allowed.html [ Skip ]
+http/tests/security/cross-origin-reified-window-location-setting.html [ Skip ]
+http/tests/security/cross-origin-session-storage-third-party-partitioned.html [ Skip ]
+http/tests/security/cross-origin-window-open-insert-script.html [ Skip ]
+http/tests/security/cross-origin-window-open-javascript-url.html [ Skip ]
+http/tests/security/dataTransfer-set-data-file-url.html [ Skip ]
+http/tests/security/denied-base-url-javascript-url.html [ Skip ]
+http/tests/security/document-all.html [ Skip ]
+http/tests/security/drag-drop-different-origin.html [ Skip ]
+http/tests/security/drag-drop-local-file.html [ Skip ]
+http/tests/security/getdatabases-crossorigin.html [ Skip ]
+http/tests/security/history-username-password.html [ Skip ]
+http/tests/security/insecure-geolocation.html [ Skip ]
+http/tests/security/isolate-geolocation-watch-id-per-document.html [ Skip ]
+http/tests/security/load-image-after-redirection-2.html [ Skip ]
+http/tests/security/load-image-after-redirection.html [ Skip ]
+http/tests/security/location-cross-origin.html [ Skip ]
+http/tests/security/mixedcontent-geolocation-block-insecure-content.html [ Skip ]
+http/tests/security/mixedcontent-geolocation.html [ Skip ]
+http/tests/security/move-iframe-within-focus-handler-inside-removal.html [ Skip ]
+http/tests/security/object-literals.html [ Skip ]
+http/tests/security/popup-allowed-by-sandbox-is-sandboxed-control.html [ Skip ]
+http/tests/security/popup-allowed-by-sandbox-is-sandboxed.html [ Skip ]
+http/tests/security/popup-allowed-by-sandbox-when-allowed.html [ Skip ]
+http/tests/security/referrer-policy-header-and-meta-tag-emptyString.html [ Skip ]
+http/tests/security/referrer-policy-header-and-meta-tag.html [ Skip ]
+http/tests/security/referrer-policy-header.html [ Skip ]
+http/tests/security/referrer-policy-https-always.html [ Skip ]
+http/tests/security/referrer-policy-https-default.html [ Skip ]
+http/tests/security/referrer-policy-https-never.html [ Skip ]
+http/tests/security/referrer-policy-https-no-referrer-when-downgrade.html [ Skip ]
+http/tests/security/referrer-policy-https-no-referrer.html [ Skip ]
+http/tests/security/referrer-policy-https-origin.html [ Skip ]
+http/tests/security/referrer-policy-https-unsafe-url.html [ Skip ]
+http/tests/security/referrer-policy-nested-window-open.html [ Skip ]
+http/tests/security/referrer-policy-redirect-link-downgrade.html [ Skip ]
+http/tests/security/referrer-policy-redirect-link.html [ Skip ]
+http/tests/security/referrer-policy-rel-noreferrer.html [ Skip ]
+http/tests/security/referrer-policy-subframe-window-open.html [ Skip ]
+http/tests/security/referrer-policy-window-open-subframe.html [ Skip ]
+http/tests/security/referrer-policy-window-open.html [ Skip ]
+http/tests/security/same-origin-css-1.html [ Skip ]
+http/tests/security/same-origin-css-2.html [ Skip ]
+http/tests/security/same-origin-css-3.html [ Skip ]
+http/tests/security/same-origin-css-4.html [ Skip ]
+http/tests/security/same-origin-css-5.html [ Skip ]
+http/tests/security/same-origin-css-6.html [ Skip ]
+http/tests/security/same-origin-css-7.html [ Skip ]
+http/tests/security/same-origin-css-8.html [ Skip ]
+http/tests/security/same-origin-css-in-quirks.html [ Skip ]
+http/tests/security/same-origin-different-domain-js-prompt-allowed.html [ Skip ]
+http/tests/security/sandbox-iframe-and-blob.https.html [ Skip ]
+http/tests/security/sandboxed-iframe-origin-add.html [ Skip ]
+http/tests/security/sandboxed-iframe-origin-remove.html [ Skip ]
+http/tests/security/top-level-unique-origin2.https.html [ Skip ]
+http/tests/security/video-cross-origin-caching.html [ Skip ]
+http/tests/security/video-cross-origin-readback.html [ Skip ]
+http/tests/security/webaudio-render-remote-audio-allowed-crossorigin-redirect.html [ Skip ]
+http/tests/security/webaudio-render-remote-audio-allowed-crossorigin.html [ Skip ]
+http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin-redirect.html [ Skip ]
+http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html [ Skip ]
+http/tests/security/window-events-clear-domain.html [ Skip ]
+http/tests/security/window-events-clear-port.html [ Skip ]
+http/tests/security/window-events-pass.html [ Skip ]
+http/tests/security/window-name-after-cross-origin-aux-frame-navigation.html [ Skip ]
+http/tests/security/window-name-after-same-origin-aux-frame-navigation.html [ Skip ]
+http/tests/security/window-named-proto.html [ Skip ]
+http/tests/security/window-named-valueOf.html [ Skip ]
+http/tests/security/window-opened-from-sandboxed-iframe-should-inherit-sandbox.html [ Skip ]
+http/tests/security/xss-DENIED-click-and-form-submission-from-inactive-domwindow.html [ Skip ]
+http/tests/security/xss-DENIED-script-inject-into-inactive-window.html [ Skip ]
+http/tests/security/xss-DENIED-script-inject-into-inactive-window2-pson.html [ Skip ]
+http/tests/security/xss-DENIED-script-inject-into-inactive-window2.html [ Skip ]
+http/tests/security/xss-DENIED-script-inject-into-inactive-window3.html [ Skip ]
+http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html [ Skip ]
+http/tests/security/xss-DENIED-xsl-document-securityOrigin.xml [ Skip ]
 http/tests/site-isolation/key-events.html [ Skip ]
 http/tests/site-isolation/mouse-events [ Skip ]
 http/tests/site-isolation/scrolling/basic-scrolling-tree.html [ Skip ]
@@ -251,3 +399,100 @@ http/tests/loading/slow-parsing-subframe.html [ Skip ]
 http/tests/loading/state-object-security-exception.html [ Skip ]
 http/tests/loading/test.html [ Skip ]
 http/tests/loading/text-content-type-with-binary-extension.html [ Skip ]
+http/tests/security/basic-auth-subresource.html [ Skip ]
+http/tests/security/block-top-level-navigation-to-different-scheme-by-third-party-iframes.html [ Skip ]
+http/tests/security/block-top-level-navigations-by-sandboxed-iframe-with-propagated-user-gesture.html [ Skip ]
+http/tests/security/block-top-level-navigations-by-third-party-iframe-sandboxed-by-own-csp.html [ Skip ]
+http/tests/security/block-top-level-navigations-by-third-party-iframes.html [ Skip ]
+http/tests/security/block-top-level-navigations-by-third-party-sandboxed-iframe.html [ Skip ]
+http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html [ Skip ]
+http/tests/security/cross-frame-access-callback-explicit-domain-DENY.html [ Skip ]
+http/tests/security/cross-frame-access-child-explicit-domain.html [ Skip ]
+http/tests/security/cross-frame-access-custom.html [ Skip ]
+http/tests/security/cross-frame-access-document-direct.html [ Skip ]
+http/tests/security/cross-frame-access-frameelement.html [ Skip ]
+http/tests/security/cross-frame-access-frames.html [ Skip ]
+http/tests/security/cross-frame-access-history-prototype.html [ Skip ]
+http/tests/security/cross-frame-access-name-getter.html [ Skip ]
+http/tests/security/cross-frame-access-parent-explicit-domain.html [ Skip ]
+http/tests/security/cross-frame-access-port-explicit-domain.html [ Skip ]
+http/tests/security/cross-frame-access-port.html [ Skip ]
+http/tests/security/cross-frame-access-put.html [ Skip ]
+http/tests/security/cross-origin-cached-images.html [ Skip ]
+http/tests/security/cross-origin-css-primitive.html [ Skip ]
+http/tests/security/cross-origin-iframe-contentDocument.html [ Skip ]
+http/tests/security/cross-origin-indexeddb-allowed.html [ Skip ]
+http/tests/security/cross-origin-indexeddb.html [ Skip ]
+http/tests/security/cross-origin-session-storage-allowed.html [ Skip ]
+http/tests/security/cross-origin-session-storage-third-party-blocked.html [ Skip ]
+http/tests/security/cross-origin-window-property-caching-crash.html [ Skip ]
+http/tests/security/cross-origin-worker-indexeddb-allowed.html [ Skip ]
+http/tests/security/cross-origin-worker-indexeddb.html [ Skip ]
+http/tests/security/cross-origin-xsl-BLOCKED.html [ Skip ]
+http/tests/security/cross-origin-xsl-redirect-BLOCKED.html [ Skip ]
+http/tests/security/embedded-self-reference-after-url-modified.html [ Skip ]
+http/tests/security/frame-loading-via-document-write-async-delegates.html [ Skip ]
+http/tests/security/frame-loading-via-document-write.html [ Skip ]
+http/tests/security/history-pushState-replaceState-from-sandboxed-iframe.html [ Skip ]
+http/tests/security/host-compare-case-insensitive.html [ Skip ]
+http/tests/security/no-popup-from-sandbox-top.html [ Skip ]
+http/tests/security/protocol-compare-case-insensitive.html [ Skip ]
+http/tests/security/referrer-policy-always.html [ Skip ]
+http/tests/security/referrer-policy-default.html [ Skip ]
+http/tests/security/referrer-policy-header-multipart.html [ Skip ]
+http/tests/security/referrer-policy-invalid.html [ Skip ]
+http/tests/security/referrer-policy-never.html [ Skip ]
+http/tests/security/referrer-policy-no-referrer-when-downgrade.html [ Skip ]
+http/tests/security/referrer-policy-no-referrer.html [ Skip ]
+http/tests/security/referrer-policy-origin.html [ Skip ]
+http/tests/security/referrer-policy-redirect.html [ Skip ]
+http/tests/security/same-origin-document-domain-storage-allowed.html [ Skip ]
+http/tests/security/same-origin-storage-blocked.html [ Skip ]
+http/tests/security/sandbox-inherit-to-initial-document.html [ Skip ]
+http/tests/security/sandboxed-iframe-blocks-access-from-parent.html [ Skip ]
+http/tests/security/sandboxed-iframe-document-cookie.html [ Skip ]
+http/tests/security/sandboxed-iframe-form-top.html [ Skip ]
+http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html [ Skip ]
+http/tests/security/sandboxed-iframe-geolocation-watchPosition.html [ Skip ]
+http/tests/security/sandboxed-iframe-javascript-top-navigation.html [ Skip ]
+http/tests/security/sandboxed-iframe-modify-self.html [ Skip ]
+http/tests/security/srcdoc-inherits-referrer-for-forms.html [ Skip ]
+http/tests/security/srcdoc-inherits-referrer.html [ Skip ]
+http/tests/security/storage-blocking-loosened-local-storage.html [ Skip ]
+http/tests/security/storage-blocking-strengthened-local-storage.html [ Skip ]
+http/tests/security/video-poster-cross-origin-crash2.html [ Skip ]
+http/tests/security/window-name-after-cross-origin-main-frame-navigation.html [ Skip ]
+http/tests/security/window-name-after-cross-origin-sub-frame-navigation.html [ Skip ]
+http/tests/security/window-properties-clear-domain.html [ Skip ]
+http/tests/security/window-properties-clear-port.html [ Skip ]
+http/tests/security/window-properties-pass.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-hash.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-host.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-hostname.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-href-javascript.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-nonstandardProperty.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-pathname.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-protocol.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-reload.html [ Skip ]
+http/tests/security/xss-DENIED-assign-location-search.html [ Skip ]
+http/tests/security/xss-DENIED-defineProperty.html [ Skip ]
+http/tests/security/xss-DENIED-frame-name.html [ Skip ]
+http/tests/security/xss-DENIED-getSVGDocument-iframe.html [ Skip ]
+http/tests/security/xss-DENIED-getSVGDocument-object.html [ Skip ]
+http/tests/security/xss-DENIED-javascript-with-spaces.html [ Skip ]
+http/tests/security/xss-DENIED-method-with-iframe-proto.html [ Skip ]
+http/tests/security/xss-DENIED-synchronous-form.html [ Skip ]
+http/tests/security/xss-DENIED-window-name-alert.html [ Skip ]
+http/tests/security/xss-DENIED-window-name-navigator.html [ Skip ]
+http/tests/security/xss-DENIED-window-open-javascript-url-with-spaces.html [ Skip ]
+http/tests/security/xss-DENIED-window-open-javascript-url.html [ Skip ]
+http/tests/security/xss-DENIED-window-open-parent.html [ Skip ]
+
+#########################
+# Image tests that fail #
+#########################
+http/tests/security/css-mask-image-credentials.html [ Skip ]
+http/tests/security/css-mask-image.html [ Skip ]
+http/tests/security/shape-image-cors.html [ Skip ]
+http/tests/security/shape-image-cors-redirect.html [ Skip ]
+http/tests/security/svg-image-with-cached-remote-image.html [ Skip ]