summaryrefslogtreecommitdiffstats
path: root/testing/web-platform/meta/cookies
diff options
context:
space:
mode:
Diffstat (limited to 'testing/web-platform/meta/cookies')
-rw-r--r--testing/web-platform/meta/cookies/attributes/attributes-ctl.sub.html.ini1051
-rw-r--r--testing/web-platform/meta/cookies/attributes/domain.sub.html.ini85
-rw-r--r--testing/web-platform/meta/cookies/attributes/expires.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/attributes/invalid.html.ini23
-rw-r--r--testing/web-platform/meta/cookies/attributes/max-age.html.ini36
-rw-r--r--testing/web-platform/meta/cookies/attributes/path-redirect.html.ini44
-rw-r--r--testing/web-platform/meta/cookies/attributes/path.html.ini28
-rw-r--r--testing/web-platform/meta/cookies/attributes/secure-non-secure.html.ini33
-rw-r--r--testing/web-platform/meta/cookies/attributes/secure.https.html.ini24
-rw-r--r--testing/web-platform/meta/cookies/domain/domain-attribute-matches-host.sub.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/encoding/charset.html.ini15
-rw-r--r--testing/web-platform/meta/cookies/name/name-ctl.html.ini84
-rw-r--r--testing/web-platform/meta/cookies/name/name.html.ini234
-rw-r--r--testing/web-platform/meta/cookies/ordering/ordering.sub.html.ini6
-rw-r--r--testing/web-platform/meta/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html.ini4
-rw-r--r--testing/web-platform/meta/cookies/path/default.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/prefix/__host.document-cookie.html.ini9
-rw-r--r--testing/web-platform/meta/cookies/prefix/__host.document-cookie.https.html.ini15
-rw-r--r--testing/web-platform/meta/cookies/prefix/__host.header.html.ini14
-rw-r--r--testing/web-platform/meta/cookies/prefix/__host.header.https.html.ini23
-rw-r--r--testing/web-platform/meta/cookies/prefix/__secure.document-cookie.html.ini11
-rw-r--r--testing/web-platform/meta/cookies/prefix/__secure.document-cookie.https.html.ini11
-rw-r--r--testing/web-platform/meta/cookies/prefix/__secure.header.html.ini14
-rw-r--r--testing/web-platform/meta/cookies/prefix/__secure.header.https.html.ini15
-rw-r--r--testing/web-platform/meta/cookies/prefix/document-cookie.non-secure.html.ini20
-rw-r--r--testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini1
-rw-r--r--testing/web-platform/meta/cookies/samesite/__dir__.ini2
-rw-r--r--testing/web-platform/meta/cookies/samesite/about-blank-toplevel.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/samesite/fetch.https.html.ini8
-rw-r--r--testing/web-platform/meta/cookies/samesite/form-get-blank-reload.https.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/samesite/form-get-blank.https.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/samesite/form-post-blank-reload.https.html.ini6
-rw-r--r--testing/web-platform/meta/cookies/samesite/form-post-blank.https.html.ini10
-rw-r--r--testing/web-platform/meta/cookies/samesite/get_all_cookies-default-samesite.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/samesite/get_named_cookie-default-samesite.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/samesite/iframe-reload.https.html.ini4
-rw-r--r--testing/web-platform/meta/cookies/samesite/iframe.document.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/samesite/iframe.https.html.ini9
-rw-r--r--testing/web-platform/meta/cookies/samesite/img.https.html.ini10
-rw-r--r--testing/web-platform/meta/cookies/samesite/multiple-samesite-attributes.https.html.ini10
-rw-r--r--testing/web-platform/meta/cookies/samesite/sandbox-iframe-nested.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/samesite/sandbox-iframe-subresource.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/samesite/setcookie-lax.https.html.ini9
-rw-r--r--testing/web-platform/meta/cookies/samesite/setcookie-navigation.https.html.ini11
-rw-r--r--testing/web-platform/meta/cookies/samesite/window-open-reload.https.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/samesite/window-open.https.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/schemeful-same-site/__dir__.ini1
-rw-r--r--testing/web-platform/meta/cookies/schemeful-same-site/schemeful-iframe-subresource.tentative.html.ini4
-rw-r--r--testing/web-platform/meta/cookies/schemeful-same-site/schemeful-subresource.tentative.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/schemeful-same-site/schemeful-websockets.sub.tentative.html.ini5
-rw-r--r--testing/web-platform/meta/cookies/secure/set-from-http.sub.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/secure/set-from-ws.sub.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/secure/set-from-wss.https.sub.html.ini3
-rw-r--r--testing/web-platform/meta/cookies/size/attributes.www.sub.html.ini33
-rw-r--r--testing/web-platform/meta/cookies/size/name-and-value.html.ini35
-rw-r--r--testing/web-platform/meta/cookies/third-party-cookies/third-party-cookies.tentative.https.html.ini7
-rw-r--r--testing/web-platform/meta/cookies/value/value-ctl.html.ini78
-rw-r--r--testing/web-platform/meta/cookies/value/value.html.ini84
58 files changed, 2189 insertions, 0 deletions
diff --git a/testing/web-platform/meta/cookies/attributes/attributes-ctl.sub.html.ini b/testing/web-platform/meta/cookies/attributes/attributes-ctl.sub.html.ini
new file mode 100644
index 0000000000..2aa54d2105
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/attributes-ctl.sub.html.ini
@@ -0,0 +1,1051 @@
+[attributes-ctl.sub.html]
+ [Cookie with %x0 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 after Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 after Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x9 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa after Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa after Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd after Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd after Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in Domain attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in Path attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f after Max-Age attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f after Expires attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f after Secure attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in HttpOnly attribute is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x0 after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x2 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x3 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x4 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x5 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x6 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x8 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xa after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xb in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xc in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xd after SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xe in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %xf in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x10 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x11 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x12 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x13 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x14 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x15 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x16 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x17 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x18 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x19 in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1a in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1b in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1c in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1d in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1e in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x1f in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
+ [Cookie with %x7f in SameSite attribute value is handled correctly.]
+ expected: FAIL
+
diff --git a/testing/web-platform/meta/cookies/attributes/domain.sub.html.ini b/testing/web-platform/meta/cookies/attributes/domain.sub.html.ini
new file mode 100644
index 0000000000..83309ef216
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/domain.sub.html.ini
@@ -0,0 +1,85 @@
+[domain.sub.html]
+ expected:
+ if (os == "linux") and debug and not fission and not swgl: TIMEOUT
+ if (os == "linux") and not debug: [OK, TIMEOUT]
+ [Return cookie for domain match (with first domain attribute as suffix of host name and second a match for host name)]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [No cookie set on domain mismatch before a (domain matching) redirect]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [No cookie set on domain mismatch before a (domain matching) redirect (for second level subdomain)]
+ expected:
+ if (os == "linux") and not debug: [PASS, NOTRUN]
+
+ [Return cookie for domain match (with first domain attribute as suffix of host name and second a bare attribute)]
+ expected:
+ if (os == "linux") and not debug: [PASS, NOTRUN]
+
+ [No cookie returned for domain mismatch (first attribute is a different subdomain and second is bare)]
+ expected:
+ if (os == "linux") and not debug: [PASS, NOTRUN]
+
+ [Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' second)]
+ expected:
+ if (os == "linux") and not debug and fission: [PASS, TIMEOUT, NOTRUN]
+ if (os == "linux") and not debug and not fission: [PASS, NOTRUN]
+
+ [Cookies with same name, path, and domain (differing only in leading '.') overwrite each other ('.' first)]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [No host cookies returned for host cookies after non-host redirect 1]
+ expected:
+ if (os == "linux") and not debug and fission: [PASS, TIMEOUT, NOTRUN]
+ if (os == "linux") and not debug and not fission: [PASS, NOTRUN]
+
+ [No host cookies returned for host cookies after non-host redirect 2]
+ expected:
+ if (os == "linux") and not debug and fission: [PASS, TIMEOUT, NOTRUN]
+ if (os == "linux") and not debug and not fission: [PASS, TIMEOUT, NOTRUN]
+
+ [No host cookies returned for host cookies after non-host redirect 3]
+ expected:
+ if (os == "linux") and debug and not fission and not swgl: TIMEOUT
+ if (os == "linux") and not debug and fission: [PASS, TIMEOUT, NOTRUN]
+ if (os == "linux") and not debug and not fission: [PASS, TIMEOUT, NOTRUN]
+
+ [Return cookie with valid domain after domain with single dot ('.') value.]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [Empty domain treated as host cookie 3]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [Empty domain treated as host cookie 1]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [Empty domain treated as host cookie 2]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [Cookie returned for bare domain attribute following mismatched domain attribute (after redirect to same-origin page).]
+ expected:
+ if (os == "linux") and not debug: [PASS, NOTRUN]
+
+ [No cookie returned for domain attribute mismatch (first attribute doesn't, second does, third doesn't)]
+ expected:
+ if not fission and (os == "linux") and not debug: [PASS, TIMEOUT]
+
+ [Return cookie for domain match (with two identical domain attributes)]
+ expected:
+ if (os == "linux") and not debug and fission: [PASS, TIMEOUT]
+ if (os == "linux") and not debug and not fission: [PASS, TIMEOUT, NOTRUN]
+
+ [No cookie returned for domain with single dot ('.') value.]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
+
+ [Return cookie for domain match (with first domain attribute a match for host name and second as suffix of host name)]
+ expected:
+ if (os == "linux") and not debug: [PASS, TIMEOUT, NOTRUN]
diff --git a/testing/web-platform/meta/cookies/attributes/expires.html.ini b/testing/web-platform/meta/cookies/attributes/expires.html.ini
new file mode 100644
index 0000000000..d740d01186
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/expires.html.ini
@@ -0,0 +1,3 @@
+[expires.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/attributes/invalid.html.ini b/testing/web-platform/meta/cookies/attributes/invalid.html.ini
new file mode 100644
index 0000000000..54d3bf3e58
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/invalid.html.ini
@@ -0,0 +1,23 @@
+[invalid.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Ignore `Set-Cookie: =` with other `Set-Cookie` headers]
+ expected: FAIL
+
+ [Ignore name- and value-less `Set-Cookie: ; bar`]
+ expected: FAIL
+
+ [Ignore `Set-Cookie: =`]
+ expected: FAIL
+
+ [Ignore empty cookie string]
+ expected: FAIL
+
+ [Ignore name- and value-less `Set-Cookie: `]
+ expected: FAIL
+
+ [Ignore name- and value-less `Set-Cookie: \\t`]
+ expected: FAIL
+
+ [Ignore cookie with domain that won't domain match (along with other invalid noise)]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/attributes/max-age.html.ini b/testing/web-platform/meta/cookies/attributes/max-age.html.ini
new file mode 100644
index 0000000000..f2bcad051b
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/max-age.html.ini
@@ -0,0 +1,36 @@
+[max-age.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Set multiple cookies with max-age attribute]
+ expected:
+ if processor == "x86": [FAIL, PASS]
+ FAIL
+
+ [Set mulitiple cookies with valid max-age values]
+ expected:
+ if (os == "android") and not debug: [FAIL, PASS]
+ FAIL
+
+ [Don't set multiple cookies with max-age=0]
+ expected: FAIL
+
+ [Set no cookie with max-age=0]
+ expected: FAIL
+
+ [Set no cookie with max-age=-1]
+ expected: FAIL
+
+ [Set cookie with age]
+ expected: FAIL
+
+ [Expire later cookie with same name and max-age=0]
+ expected: FAIL
+
+ [Ignore max-age attribute with invalid non-zero-digit (containing a comma)]
+ expected: FAIL
+
+ [Set no cookie with max-age=-20]
+ expected: FAIL
+
+ [Expire later cookie with same name and max-age=0, and don't set cookie with max-age=0]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/attributes/path-redirect.html.ini b/testing/web-platform/meta/cookies/attributes/path-redirect.html.ini
new file mode 100644
index 0000000000..17470f346d
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/path-redirect.html.ini
@@ -0,0 +1,44 @@
+[path-redirect.html]
+ expected:
+ if (os == "android") and fission: [TIMEOUT, OK]
+ [No cookie sent for redirected path mismatch with trailing '?' after unquoted Path]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch with trailing '#' after unquoted Path]
+ expected: FAIL
+
+ [Cookie sent for redirected path with trailing '/' and the redirected URL is one level deeper]
+ expected: FAIL
+
+ [Cookie sent for redirected path match with a trailing ';' after an unquoted Path]
+ expected: FAIL
+
+ [No cookie sent for redirected path match with a trailing ';' inside a quoted Path]
+ expected: FAIL
+
+ [No cookie sent for redirected path match with partially URL encoded path]
+ expected: FAIL
+
+ [Multiple cookies sent for multiple redirected path matches, sorted by length]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch where path and redirected URL begin with same string]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch where final path directory component and redirected URL resource begin with same string]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch where final path directory component begins with same string as redirected URL final directory component]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch for different resources inside the same final directory component]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch where final path directory component ends in '/' and does not match redirected URL]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch with a similar start to the redirected URL]
+ expected: FAIL
+
+ [No cookie sent for redirected path mismatch with trailing '/' after unquoted Path]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/attributes/path.html.ini b/testing/web-platform/meta/cookies/attributes/path.html.ini
new file mode 100644
index 0000000000..404bcb0e7f
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/path.html.ini
@@ -0,0 +1,28 @@
+[path.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Set cookie for mismatched and root path]
+ expected: FAIL
+
+ [Return cookie for path= / (whitespace after equals)]
+ expected: FAIL
+
+ [Set cookie for bare Path]
+ expected:
+ if (os == "android") and fission: [PASS, FAIL]
+ FAIL
+
+ [No cookie returned for partial path match, return cookie for default path]
+ expected:
+ if (os == "android") and fission: [PASS, FAIL]
+ FAIL
+
+ [Set cookie for Path=]
+ expected:
+ if (os == "android") and fission: [PASS, FAIL]
+ FAIL
+
+ [Return cookie for bare path= (after mismatched path)]
+ expected:
+ if (os == "android") and fission: [PASS, FAIL]
+ FAIL
diff --git a/testing/web-platform/meta/cookies/attributes/secure-non-secure.html.ini b/testing/web-platform/meta/cookies/attributes/secure-non-secure.html.ini
new file mode 100644
index 0000000000..85fa34f729
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/secure-non-secure.html.ini
@@ -0,0 +1,33 @@
+[secure-non-secure.html]
+ [(non-secure) Ignore cookie for Secure attribute]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for seCURe attribute]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for for Secure= attribute]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for Secure=aaaa]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for Secure space equals]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for Secure equals space]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for spaced Secure]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie for space Secure with ;]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie with __Secure- prefix and Secure]
+ expected: FAIL
+
+ [(non-secure) Ignore cookie with __Secure- prefix and without Secure]
+ expected: FAIL
+
+ [(non-secure) Cookie returned with __%53ecure- prefix and without Secure]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/attributes/secure.https.html.ini b/testing/web-platform/meta/cookies/attributes/secure.https.html.ini
new file mode 100644
index 0000000000..ade3d54ba2
--- /dev/null
+++ b/testing/web-platform/meta/cookies/attributes/secure.https.html.ini
@@ -0,0 +1,24 @@
+[secure.https.html]
+ [Set cookie for Secure attribute]
+ expected: FAIL
+
+ [Set cookie for seCURe attribute]
+ expected: FAIL
+
+ [Set cookie for for Secure= attribute]
+ expected: FAIL
+
+ [Set cookie for Secure=aaaa]
+ expected: FAIL
+
+ [Set cookie for Secure space equals]
+ expected: FAIL
+
+ [Set cookie for Secure equals space]
+ expected: FAIL
+
+ [Set cookie for spaced Secure]
+ expected: FAIL
+
+ [Set cookie for space Secure with ;]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/domain/domain-attribute-matches-host.sub.https.html.ini b/testing/web-platform/meta/cookies/domain/domain-attribute-matches-host.sub.https.html.ini
new file mode 100644
index 0000000000..e975ab8df5
--- /dev/null
+++ b/testing/web-platform/meta/cookies/domain/domain-attribute-matches-host.sub.https.html.ini
@@ -0,0 +1,3 @@
+[domain-attribute-matches-host.sub.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/encoding/charset.html.ini b/testing/web-platform/meta/cookies/encoding/charset.html.ini
new file mode 100644
index 0000000000..69babc2813
--- /dev/null
+++ b/testing/web-platform/meta/cookies/encoding/charset.html.ini
@@ -0,0 +1,15 @@
+[charset.html]
+ [utf-8 name and ASCII value]
+ expected: FAIL
+
+ [ASCII name and quoted utf-8 value]
+ expected: FAIL
+
+ [utf-8 name and value]
+ expected: FAIL
+
+ [quoted utf-8 name and value]
+ expected: FAIL
+
+ [utf-8 name and value, with (invalid) utf-8 attribute]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/name/name-ctl.html.ini b/testing/web-platform/meta/cookies/name/name-ctl.html.ini
new file mode 100644
index 0000000000..a4a6c8eebf
--- /dev/null
+++ b/testing/web-platform/meta/cookies/name/name-ctl.html.ini
@@ -0,0 +1,84 @@
+[name-ctl.html]
+ [Cookie with %x0 in name is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %x9 in name is accepted (DOM).]
+ expected: FAIL
+
+ [Cookie with %xa in name is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %xd in name is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %x9 in name is accepted (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xa in name is rejected or modified (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xb in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xc in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xd in name is rejected or modified (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xe in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xf in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x10 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x11 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x12 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x13 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x14 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x15 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x16 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x17 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x18 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x19 in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1a in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1b in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1c in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1d in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1e in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1f in name is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x7f in name is rejected (HTTP).]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/name/name.html.ini b/testing/web-platform/meta/cookies/name/name.html.ini
new file mode 100644
index 0000000000..95bf0fd8c6
--- /dev/null
+++ b/testing/web-platform/meta/cookies/name/name.html.ini
@@ -0,0 +1,234 @@
+[name.html]
+ [Return the most recent nameless cookie, even if preceded by =, in addition to other valid cookie]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Use last value for cookies with identical names]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Keep first-in, first-out name order]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Keep first-in, first-out single-char name order]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Keep non-alphabetic first-in, first-out name order]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Keep first-in, first-out order if comma-separated]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Set nameless cookie, given `Set-Cookie: =test16`]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Overwrite nameless cookie]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Ignore cookie with empty name and empty value]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Ignore cookie with no name or value]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for 1=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for $=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for !a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for @a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for #a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for $a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for %a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for ^a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for &a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for *a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for (a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for )a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for -a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for _a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for +=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for "a=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Name is set as expected for "a=b"=test]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [URL-encoded cookie name is not decoded]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Remove trailing WSP characters from the name string]
+ expected: FAIL
+
+ [Remove leading WSP characters from the name string]
+ expected: FAIL
+
+ [Only return the new cookie (with the same name)]
+ expected: FAIL
+
+ [Ignore invalid attributes after nameless cookie]
+ expected: FAIL
+
+ [Ignore invalid attributes after valid name (that looks like Cookie2 Version attribute)]
+ expected: FAIL
+
+ [Set a cookie that has whitespace in its name]
+ expected: FAIL
+
+ [Set a nameless cookie ignoring characters after first ;]
+ expected: FAIL
+
+ [Set a nameless cookie ignoring characters after first ; (2)]
+ expected: FAIL
+
+ [Return the most recent nameless cookie]
+ expected: FAIL
+
+ [Return the most recent nameless cookie, without leading =]
+ expected: FAIL
+
+ [Return the most recent nameless cookie, even if preceded by =]
+ expected: FAIL
+
+ [Ignore nameless cookies that impersonate cookie prefixes]
+ expected: FAIL
+
+ [Set a nameless cookie (that has an = in its value)]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Set a nameless cookie (that has multiple ='s in its value)]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Set a nameless cookie]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
+
+ [Set valueless cookie to its name with empty value]
+ expected:
+ if (os == "mac") and not debug: FAIL
+ if os == "android": FAIL
+ [FAIL, PASS]
diff --git a/testing/web-platform/meta/cookies/ordering/ordering.sub.html.ini b/testing/web-platform/meta/cookies/ordering/ordering.sub.html.ini
new file mode 100644
index 0000000000..d1d38d9b27
--- /dev/null
+++ b/testing/web-platform/meta/cookies/ordering/ordering.sub.html.ini
@@ -0,0 +1,6 @@
+[ordering.sub.html]
+ [Cookies with longer paths are listed before cookies with shorter paths]
+ expected: FAIL
+
+ [For equal length paths, list the cookie with an earlier creation time first]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html.ini b/testing/web-platform/meta/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html.ini
new file mode 100644
index 0000000000..b1af720415
--- /dev/null
+++ b/testing/web-platform/meta/cookies/partitioned-cookies/partitioned-cookies.tentative.https.html.ini
@@ -0,0 +1,4 @@
+[partitioned-cookies.tentative.https.html]
+ [Partitioned cookies are not accessible on a different top-level site via HTTP]
+ expected:
+ if os == "android": FAIL
diff --git a/testing/web-platform/meta/cookies/path/default.html.ini b/testing/web-platform/meta/cookies/path/default.html.ini
new file mode 100644
index 0000000000..6baeb9dc53
--- /dev/null
+++ b/testing/web-platform/meta/cookies/path/default.html.ini
@@ -0,0 +1,3 @@
+[default.html]
+ [Test for default cookie path]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__host.document-cookie.html.ini b/testing/web-platform/meta/cookies/prefix/__host.document-cookie.html.ini
new file mode 100644
index 0000000000..6f8ab2d4cb
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__host.document-cookie.html.ini
@@ -0,0 +1,9 @@
+[__host.document-cookie.html]
+ [__HoSt: Non-secure origin: 'Path=/;']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: 'Path=/;domain=web-platform.test']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: 'Path=/;MaxAge=10']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__host.document-cookie.https.html.ini b/testing/web-platform/meta/cookies/prefix/__host.document-cookie.https.html.ini
new file mode 100644
index 0000000000..cf3ab5fa14
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__host.document-cookie.https.html.ini
@@ -0,0 +1,15 @@
+[__host.document-cookie.https.html]
+ [__HoSt: Secure origin: Does not set 'Path=/;']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/; Domain=web-platform.test; ']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/; Domain=web-platform.test; MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/cookies/resources/list.py']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__host.header.html.ini b/testing/web-platform/meta/cookies/prefix/__host.header.html.ini
new file mode 100644
index 0000000000..d6dbc27575
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__host.header.html.ini
@@ -0,0 +1,14 @@
+[__host.header.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__HoSt: Non-secure origin: Does not set 'Path=/;']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: Does not set 'Path=/;domain=web-platform.test']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: Does not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: Does not set 'Path=/;HttpOnly']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__host.header.https.html.ini b/testing/web-platform/meta/cookies/prefix/__host.header.https.html.ini
new file mode 100644
index 0000000000..685b226853
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__host.header.https.html.ini
@@ -0,0 +1,23 @@
+[__host.header.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__HoSt: Secure origin: Does not set 'Path=/;']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/; Domain=web-platform.test; ']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/; Domain=web-platform.test; MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Path=/;HttpOnly']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/; Domain=web-platform.test; HttpOnly']
+ expected: FAIL
+
+ [__HoSt: Secure origin: Does not set 'Secure; Path=/cookies/resources/list.py']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.html.ini b/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.html.ini
new file mode 100644
index 0000000000..45e9ad21b9
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.html.ini
@@ -0,0 +1,11 @@
+[__secure.document-cookie.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;domain=web-platform.test']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.https.html.ini b/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.https.html.ini
new file mode 100644
index 0000000000..a6c32ec84c
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__secure.document-cookie.https.html.ini
@@ -0,0 +1,11 @@
+[__secure.document-cookie.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__SeCuRe: Secure origin: Should not set 'Path=/;']
+ expected: FAIL
+
+ [__SeCuRe: Secure origin: Should not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__SeCuRe: Secure origin: Should not set 'Path=/;domain=web-platform.test']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__secure.header.html.ini b/testing/web-platform/meta/cookies/prefix/__secure.header.html.ini
new file mode 100644
index 0000000000..cd08b714d9
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__secure.header.html.ini
@@ -0,0 +1,14 @@
+[__secure.header.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;domain=web-platform.test']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: Should not set 'Path=/;HttpOnly']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/__secure.header.https.html.ini b/testing/web-platform/meta/cookies/prefix/__secure.header.https.html.ini
new file mode 100644
index 0000000000..e2955b8945
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/__secure.header.https.html.ini
@@ -0,0 +1,15 @@
+[__secure.header.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__SeCuRe: secure origin: Should not set 'Path=/;']
+ expected: FAIL
+
+ [__SeCuRe: secure origin: Should not set 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__SeCuRe: secure origin: Should not set 'Path=/;HttpOnly']
+ expected: FAIL
+
+ [__SeCuRe: secure origin: Should not set 'Path=/;domain=not-web-platform.test']
+ expected:
+ if not early_beta_or_earlier: FAIL
diff --git a/testing/web-platform/meta/cookies/prefix/document-cookie.non-secure.html.ini b/testing/web-platform/meta/cookies/prefix/document-cookie.non-secure.html.ini
new file mode 100644
index 0000000000..e577a52b78
--- /dev/null
+++ b/testing/web-platform/meta/cookies/prefix/document-cookie.non-secure.html.ini
@@ -0,0 +1,20 @@
+[document-cookie.non-secure.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [__SeCuRe: Non-secure origin: 'Path=/;']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: 'Path=/;domain=web-platform.test']
+ expected: FAIL
+
+ [__SeCuRe: Non-secure origin: 'Path=/;MaxAge=10']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: 'Path=/; ']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: 'Path=/; domain=web-platform.test']
+ expected: FAIL
+
+ [__HoSt: Non-secure origin: 'Path=/; MaxAge=10']
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini b/testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini
new file mode 100644
index 0000000000..fb6a500896
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite-none-secure/__dir__.ini
@@ -0,0 +1 @@
+prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
diff --git a/testing/web-platform/meta/cookies/samesite/__dir__.ini b/testing/web-platform/meta/cookies/samesite/__dir__.ini
new file mode 100644
index 0000000000..65fc594e47
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/__dir__.ini
@@ -0,0 +1,2 @@
+prefs: [network.cookie.sameSite.laxPlusPOST.timeout: 0]
+leak-threshold: [default:51200]
diff --git a/testing/web-platform/meta/cookies/samesite/about-blank-toplevel.https.html.ini b/testing/web-platform/meta/cookies/samesite/about-blank-toplevel.https.html.ini
new file mode 100644
index 0000000000..911ccf65b4
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/about-blank-toplevel.https.html.ini
@@ -0,0 +1,3 @@
+[about-blank-toplevel.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/fetch.https.html.ini b/testing/web-platform/meta/cookies/samesite/fetch.https.html.ini
new file mode 100644
index 0000000000..0b1471cbd5
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/fetch.https.html.ini
@@ -0,0 +1,8 @@
+[fetch.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+
+ [Cross-site redirecting to same-host fetches are cross-site]
+ expected: FAIL
+
+ [Cross-site redirecting to subdomain fetches are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/form-get-blank-reload.https.html.ini b/testing/web-platform/meta/cookies/samesite/form-get-blank-reload.https.html.ini
new file mode 100644
index 0000000000..87a2a44e1c
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/form-get-blank-reload.https.html.ini
@@ -0,0 +1,5 @@
+[form-get-blank-reload.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Reloaded cross-site top-level form GETs are strictly same-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/form-get-blank.https.html.ini b/testing/web-platform/meta/cookies/samesite/form-get-blank.https.html.ini
new file mode 100644
index 0000000000..76a5a867ee
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/form-get-blank.https.html.ini
@@ -0,0 +1,5 @@
+[form-get-blank.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "mac") and not debug: [OK, TIMEOUT]
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/form-post-blank-reload.https.html.ini b/testing/web-platform/meta/cookies/samesite/form-post-blank-reload.https.html.ini
new file mode 100644
index 0000000000..5d708cd831
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/form-post-blank-reload.https.html.ini
@@ -0,0 +1,6 @@
+[form-post-blank-reload.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true, dom.confirm_repost.testing.always_accept:true]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Reloaded cross-site top-level form POSTs are strictly same-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/form-post-blank.https.html.ini b/testing/web-platform/meta/cookies/samesite/form-post-blank.https.html.ini
new file mode 100644
index 0000000000..806a960bf4
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/form-post-blank.https.html.ini
@@ -0,0 +1,10 @@
+[form-post-blank.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ if (os == "mac") and not debug: [OK, TIMEOUT]
+ [Cross-site redirecting to same-host top-level form POSTs are cross-site]
+ expected: FAIL
+
+ [Cross-site redirecting to subdomain top-level form POSTs are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/get_all_cookies-default-samesite.html.ini b/testing/web-platform/meta/cookies/samesite/get_all_cookies-default-samesite.html.ini
new file mode 100644
index 0000000000..46b4008b92
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/get_all_cookies-default-samesite.html.ini
@@ -0,0 +1,5 @@
+[get_all_cookies-default-samesite.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Get all cookies w/ default SameSite]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/get_named_cookie-default-samesite.html.ini b/testing/web-platform/meta/cookies/samesite/get_named_cookie-default-samesite.html.ini
new file mode 100644
index 0000000000..de58cf41ff
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/get_named_cookie-default-samesite.html.ini
@@ -0,0 +1,5 @@
+[get_named_cookie-default-samesite.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Get Named cookie w/ default SameSite]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/iframe-reload.https.html.ini b/testing/web-platform/meta/cookies/samesite/iframe-reload.https.html.ini
new file mode 100644
index 0000000000..205a5c222a
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/iframe-reload.https.html.ini
@@ -0,0 +1,4 @@
+[iframe-reload.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/iframe.document.https.html.ini b/testing/web-platform/meta/cookies/samesite/iframe.document.https.html.ini
new file mode 100644
index 0000000000..cd18ab2cbd
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/iframe.document.https.html.ini
@@ -0,0 +1,3 @@
+[iframe.document.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/iframe.https.html.ini b/testing/web-platform/meta/cookies/samesite/iframe.https.html.ini
new file mode 100644
index 0000000000..adc7b2c211
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/iframe.https.html.ini
@@ -0,0 +1,9 @@
+[iframe.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Cross-site redirecting to same-host fetches are cross-site]
+ expected: FAIL
+
+ [Cross-site redirecting to subdomain fetches are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/img.https.html.ini b/testing/web-platform/meta/cookies/samesite/img.https.html.ini
new file mode 100644
index 0000000000..0f42fab18b
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/img.https.html.ini
@@ -0,0 +1,10 @@
+[img.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "mac") and not debug: [OK, TIMEOUT]
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Cross-site redirecting to same-host images are cross-site]
+ expected: FAIL
+
+ [Cross-site redirecting to subdomain images are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/multiple-samesite-attributes.https.html.ini b/testing/web-platform/meta/cookies/samesite/multiple-samesite-attributes.https.html.ini
new file mode 100644
index 0000000000..bc86031f27
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/multiple-samesite-attributes.https.html.ini
@@ -0,0 +1,10 @@
+[multiple-samesite-attributes.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ if (os == "mac") and not debug: [OK, TIMEOUT]
+ [Cross-site redirecting to same-host images are cross-site]
+ expected: FAIL
+
+ [Cross-site redirecting to subdomain images are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/sandbox-iframe-nested.https.html.ini b/testing/web-platform/meta/cookies/samesite/sandbox-iframe-nested.https.html.ini
new file mode 100644
index 0000000000..df011eaa4f
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/sandbox-iframe-nested.https.html.ini
@@ -0,0 +1,3 @@
+[sandbox-iframe-nested.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/sandbox-iframe-subresource.https.html.ini b/testing/web-platform/meta/cookies/samesite/sandbox-iframe-subresource.https.html.ini
new file mode 100644
index 0000000000..e04cad06cc
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/sandbox-iframe-subresource.https.html.ini
@@ -0,0 +1,3 @@
+[sandbox-iframe-subresource.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/samesite/setcookie-lax.https.html.ini b/testing/web-platform/meta/cookies/samesite/setcookie-lax.https.html.ini
new file mode 100644
index 0000000000..70141b915e
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/setcookie-lax.https.html.ini
@@ -0,0 +1,9 @@
+[setcookie-lax.https.html]
+ prefs: [network.cookie.sameSite.laxByDefault:true, network.cookie.sameSite.noneRequiresSecure:true, network.cookie.cookieBehavior:4]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Cross-site window shouldn't be able to set `SameSite=Lax` or `SameSite=Strict` cookies.]
+ expected:
+ if (os == "linux") and debug and fission and not swgl: [PASS, FAIL]
+ if (os == "win") and debug and (processor == "x86_64") and not swgl: [PASS, FAIL]
+ if os == "mac": [PASS, FAIL]
diff --git a/testing/web-platform/meta/cookies/samesite/setcookie-navigation.https.html.ini b/testing/web-platform/meta/cookies/samesite/setcookie-navigation.https.html.ini
new file mode 100644
index 0000000000..f8b5fb1b57
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/setcookie-navigation.https.html.ini
@@ -0,0 +1,11 @@
+[setcookie-navigation.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Cross-site to same-site iframe navigation should only be able to set SameSite=None cookies.]
+ expected: FAIL
+
+ [Same-site to cross-site-site iframe navigation should only be able to set SameSite=None cookies.]
+ expected: FAIL
+
+ [Cross-site to cross-site iframe navigation should only be able to set SameSite=None cookies.]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/window-open-reload.https.html.ini b/testing/web-platform/meta/cookies/samesite/window-open-reload.https.html.ini
new file mode 100644
index 0000000000..33b79d2083
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/window-open-reload.https.html.ini
@@ -0,0 +1,5 @@
+[window-open-reload.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Reloaded cross-site auxiliary navigations are strictly same-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/samesite/window-open.https.html.ini b/testing/web-platform/meta/cookies/samesite/window-open.https.html.ini
new file mode 100644
index 0000000000..eb490e9efd
--- /dev/null
+++ b/testing/web-platform/meta/cookies/samesite/window-open.https.html.ini
@@ -0,0 +1,3 @@
+[window-open.https.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/schemeful-same-site/__dir__.ini b/testing/web-platform/meta/cookies/schemeful-same-site/__dir__.ini
new file mode 100644
index 0000000000..acd73c1a68
--- /dev/null
+++ b/testing/web-platform/meta/cookies/schemeful-same-site/__dir__.ini
@@ -0,0 +1 @@
+prefs: [network.cookie.sameSite.schemeful:true]
diff --git a/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-iframe-subresource.tentative.html.ini b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-iframe-subresource.tentative.html.ini
new file mode 100644
index 0000000000..f633e1a05c
--- /dev/null
+++ b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-iframe-subresource.tentative.html.ini
@@ -0,0 +1,4 @@
+[schemeful-iframe-subresource.tentative.html]
+ [SameSite cookies with intervening cross-scheme iframe and subresources]
+ expected: FAIL
+
diff --git a/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-subresource.tentative.html.ini b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-subresource.tentative.html.ini
new file mode 100644
index 0000000000..653f2eac78
--- /dev/null
+++ b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-subresource.tentative.html.ini
@@ -0,0 +1,5 @@
+[schemeful-subresource.tentative.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Cross-scheme subresources cannot sent lax/strict cookies]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-websockets.sub.tentative.html.ini b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-websockets.sub.tentative.html.ini
new file mode 100644
index 0000000000..520864f6d1
--- /dev/null
+++ b/testing/web-platform/meta/cookies/schemeful-same-site/schemeful-websockets.sub.tentative.html.ini
@@ -0,0 +1,5 @@
+[schemeful-websockets.sub.tentative.html]
+ expected:
+ if (os == "android") and fission: [TIMEOUT, OK]
+ [Cross-scheme WebSockets are cross-site]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/secure/set-from-http.sub.html.ini b/testing/web-platform/meta/cookies/secure/set-from-http.sub.html.ini
new file mode 100644
index 0000000000..570e385fc5
--- /dev/null
+++ b/testing/web-platform/meta/cookies/secure/set-from-http.sub.html.ini
@@ -0,0 +1,3 @@
+[set-from-http.sub.html]
+ expected:
+ if swgl and (os == "linux") and fission: [OK, CRASH]
diff --git a/testing/web-platform/meta/cookies/secure/set-from-ws.sub.html.ini b/testing/web-platform/meta/cookies/secure/set-from-ws.sub.html.ini
new file mode 100644
index 0000000000..31fae761e0
--- /dev/null
+++ b/testing/web-platform/meta/cookies/secure/set-from-ws.sub.html.ini
@@ -0,0 +1,3 @@
+[set-from-ws.sub.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/secure/set-from-wss.https.sub.html.ini b/testing/web-platform/meta/cookies/secure/set-from-wss.https.sub.html.ini
new file mode 100644
index 0000000000..0a953bd072
--- /dev/null
+++ b/testing/web-platform/meta/cookies/secure/set-from-wss.https.sub.html.ini
@@ -0,0 +1,3 @@
+[set-from-wss.https.sub.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/cookies/size/attributes.www.sub.html.ini b/testing/web-platform/meta/cookies/size/attributes.www.sub.html.ini
new file mode 100644
index 0000000000..021aa61798
--- /dev/null
+++ b/testing/web-platform/meta/cookies/size/attributes.www.sub.html.ini
@@ -0,0 +1,33 @@
+[attributes.www.sub.html]
+ [Too long path attribute (>1024 bytes) is ignored; previous valid path wins.]
+ expected: FAIL
+
+ [Too long domain attribute (>1024 bytes) is ignored; previous valid domain wins.]
+ expected: FAIL
+
+ [Too long path attribute (>1024 bytes) is ignored]
+ expected: FAIL
+
+ [Too long domain attribute (>1024 bytes) is ignored]
+ expected: FAIL
+
+ [Max length Max-Age attribute value (1024 bytes) doesn't cause cookie rejection]
+ expected: FAIL
+
+ [Too long Max-Age attribute value (>1024 bytes) doesn't cause cookie rejection]
+ expected: FAIL
+
+ [Max length negative Max-Age attribute value (1024 bytes) doesn't get ignored]
+ expected: FAIL
+
+ [Set cookie with max size name/value pair and multiple max size attributes (>8k bytes total)]
+ expected: FAIL
+
+ [Too long negative Max-Age attribute value (>1024 bytes) gets ignored]
+ expected: FAIL
+
+ [Set cookie with max size name/value pair and max size attribute value]
+ expected: FAIL
+
+ [Max size domain attribute (1024 bytes) is not ignored]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/size/name-and-value.html.ini b/testing/web-platform/meta/cookies/size/name-and-value.html.ini
new file mode 100644
index 0000000000..cced698738
--- /dev/null
+++ b/testing/web-platform/meta/cookies/size/name-and-value.html.ini
@@ -0,0 +1,35 @@
+[name-and-value.html]
+ expected:
+ if (os == "android") and fission: [OK, TIMEOUT]
+ [Ignore cookie with name larger than 4096 and 1 byte value]
+ expected: FAIL
+
+ [Set max-size value-less cookie]
+ expected: FAIL
+
+ [Ignore value-less cookie with name larger than 4096 bytes]
+ expected: FAIL
+
+ [Set max-size cookie with largest possible value (4095 bytes)]
+ expected: FAIL
+
+ [Ignore named cookie (with non-zero length) and value larger than 4095 bytes]
+ expected: FAIL
+
+ [Ignore named cookie with length larger than 4095 bytes, and a non-zero value]
+ expected: FAIL
+
+ [Set max-size name-less cookie]
+ expected: FAIL
+
+ [Ignore name-less cookie with value larger than 4096 bytes]
+ expected: FAIL
+
+ [Ignore name-less cookie (without leading =) with value larger than 4096 bytes]
+ expected: FAIL
+
+ [Set max-size cookie that also has an attribute]
+ expected: FAIL
+
+ [Set max-size cookie with largest possible name and value (4096 bytes)]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/third-party-cookies/third-party-cookies.tentative.https.html.ini b/testing/web-platform/meta/cookies/third-party-cookies/third-party-cookies.tentative.https.html.ini
new file mode 100644
index 0000000000..dc81e4ca58
--- /dev/null
+++ b/testing/web-platform/meta/cookies/third-party-cookies/third-party-cookies.tentative.https.html.ini
@@ -0,0 +1,7 @@
+[third-party-cookies.tentative.https.html]
+ [Cross site window setting HTTP cookies]
+ expected: FAIL
+
+ [3P fetch: Cookies are not accessible via HTTP]
+ expected:
+ if os == "android": FAIL
diff --git a/testing/web-platform/meta/cookies/value/value-ctl.html.ini b/testing/web-platform/meta/cookies/value/value-ctl.html.ini
new file mode 100644
index 0000000000..803fca4000
--- /dev/null
+++ b/testing/web-platform/meta/cookies/value/value-ctl.html.ini
@@ -0,0 +1,78 @@
+[value-ctl.html]
+ [Cookie with %x0 in value is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %xa in value is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %xd in value is rejected (DOM).]
+ expected: FAIL
+
+ [Cookie with %xa in name is rejected or modified (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xb in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xc in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xd in name is rejected or modified (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xe in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %xf in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x10 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x11 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x12 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x13 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x14 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x15 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x16 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x17 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x18 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x19 in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1a in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1b in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1c in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1d in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1e in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x1f in value is rejected (HTTP).]
+ expected: FAIL
+
+ [Cookie with %x7f in value is rejected (HTTP).]
+ expected: FAIL
diff --git a/testing/web-platform/meta/cookies/value/value.html.ini b/testing/web-platform/meta/cookies/value/value.html.ini
new file mode 100644
index 0000000000..ff32c989b2
--- /dev/null
+++ b/testing/web-platform/meta/cookies/value/value.html.ini
@@ -0,0 +1,84 @@
+[value.html]
+ [Set nameless cookie to its value]
+ expected: FAIL
+
+ [Set nameless cookie to its value with an escaped quote]
+ expected: FAIL
+
+ [Set value with unbalanced leading quote]
+ expected: FAIL
+
+ [Set nameless cookie followed by '=' to its value]
+ expected: FAIL
+
+ [Set cookie but ignore value after LF]
+ expected: FAIL
+
+ [Set cookie ignoring whitespace after value endquote]
+ expected: FAIL
+
+ [Ignore whitespace and ; after value]
+ expected: FAIL
+
+ [Ignore whitespace preceding value]
+ expected: FAIL
+
+ [Set cookie with quotes in value]
+ expected: FAIL
+
+ [Set cookie keeping whitespace inside quoted value]
+ expected: FAIL
+
+ [Set cookie value ignoring characters after semicolon]
+ expected: FAIL
+
+ [Set cookie with another = inside quoted value]
+ expected: FAIL
+
+ [Set cookie ignoring whitespace surrounding value and characters after first semicolon]
+ expected: FAIL
+
+ [Set valueless cookie, given `Set-Cookie: test22=`]
+ expected: FAIL
+
+ [URL-encoded cookie value is not decoded]
+ expected: FAIL
+
+ [Set cookie with a space character in the value]
+ expected: FAIL
+
+ [Set cookie with large name + value ( = 4kb)]
+ expected: FAIL
+
+ [Set cookie with one = inside an unquoted value]
+ expected: FAIL
+
+ [Set a nameless cookie with a space character in the value]
+ expected: FAIL
+
+ [Set cookie with two = inside an unquoted value]
+ expected: FAIL
+
+ [Set cookie with value set to =]
+ expected: FAIL
+
+ [Ignore cookie with large name + value ( > 4kb)]
+ expected: FAIL
+
+ [Set value with a single quote excluding whitespace]
+ expected: FAIL
+
+ [Ignore values after semicolon]
+ expected: FAIL
+
+ [Set value containing a comma]
+ expected: FAIL
+
+ [Set value including quotes and whitespace up until semicolon]
+ expected: FAIL
+
+ [Set quoted value containing a comma]
+ expected: FAIL
+
+ [Ignore whitespace at the end of value]
+ expected: FAIL