Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Mixed-Content: Add initial mixed-content tests and maintenance tools.
- Loading branch information
1 parent
98ed3ab
commit 0928e37
Showing
370 changed files
with
15,527 additions
and
0 deletions.
There are no files selected for viewing
57 changes: 57 additions & 0 deletions
57
...owed/http-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: audio-tag | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: audio-tag | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "keep-scheme-redirect", | ||
"subresource": "audio-tag", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...p-csp/same-host-https/audio-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
57 changes: 57 additions & 0 deletions
57
...ntent/allowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: audio-tag | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: audio-tag | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "no-redirect", | ||
"subresource": "audio-tag", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...lowed/http-csp/same-host-https/audio-tag/top-level/no-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
57 changes: 57 additions & 0 deletions
57
.../http-csp/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: fetch-request | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: fetch-request | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "keep-scheme-redirect", | ||
"subresource": "fetch-request", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...p/same-host-https/fetch-request/top-level/keep-scheme-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
57 changes: 57 additions & 0 deletions
57
...t/allowed/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: fetch-request | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: fetch-request | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "no-redirect", | ||
"subresource": "fetch-request", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...d/http-csp/same-host-https/fetch-request/top-level/no-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
57 changes: 57 additions & 0 deletions
57
...lowed/http-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: form-tag | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: keep-scheme-redirect | ||
subresource: form-tag | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "keep-scheme-redirect", | ||
"subresource": "form-tag", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...tp-csp/same-host-https/form-tag/top-level/keep-scheme-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
57 changes: 57 additions & 0 deletions
57
...ontent/allowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
<!DOCTYPE html> | ||
<!-- DO NOT EDIT! Generated by mixed-content/generic/tools/generate.py using mixed-content/generic/template/test.debug.html.template. --> | ||
<html> | ||
<head> | ||
<title>Mixed-Content: Allowed content</title> | ||
<meta charset='utf-8'> | ||
<meta name="description" content="Test behavior of allowed content."> | ||
<meta name="assert" content="opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: form-tag | ||
expectation: allowed"> | ||
<script src="/resources/testharness.js"></script> | ||
<script src="/resources/testharnessreport.js"></script> | ||
<!-- Common global functions for mixed-content tests. --> | ||
<script src="/mixed-content/generic/common.js"></script> | ||
<!-- The original specification JSON for validating the scenario. --> | ||
<script src="/mixed-content/spec_json.js"></script> | ||
<!-- Internal checking of the tests --> | ||
<script src="/mixed-content/generic/sanity-checker.js"></script> | ||
<!-- Simple wrapper API for all mixed-content test cases. --> | ||
<script src="/mixed-content/generic/mixed-content-test-case.js?pipe=sub"></script> | ||
</head> | ||
<body> | ||
<h1>Allowed content</h1> | ||
<h2>Test behavior of allowed content.</h2> | ||
<pre>opt_in_method: http-csp | ||
origin: same-host-https | ||
source_scheme: https | ||
context_nesting: top-level | ||
redirection: no-redirect | ||
subresource: form-tag | ||
expectation: allowed</pre> | ||
|
||
<p>See <a href="http://www.w3.org/TR/mixed-content/" target="_blank">specification</a> | ||
details for this test.</p> | ||
|
||
<div id="log"></div> | ||
<script> | ||
MixedContentTestCase( | ||
{ | ||
"opt_in_method": "http-csp", | ||
"origin": "same-host-https", | ||
"source_scheme": "https", | ||
"context_nesting": "top-level", | ||
"redirection": "no-redirect", | ||
"subresource": "form-tag", | ||
"expectation": "allowed" | ||
}, | ||
document.querySelector("meta[name=assert]").content, | ||
new SanityChecker() | ||
).start(); | ||
</script> | ||
</body> | ||
</html> |
1 change: 1 addition & 0 deletions
1
...llowed/http-csp/same-host-https/form-tag/top-level/no-redirect/allowed.https.html.headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Content-Security-Policy: block-all-mixed-content |
Oops, something went wrong.