From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 02:47:55 +0200
Subject: Adding upstream version 124.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../base-uri-allow-leading-zero-port.sub.html.ini  |  3 +
 .../blob/self-doesnt-match-blob.sub.html.ini       |  2 +
 .../blob/star-doesnt-match-blob.sub.html.ini       |  2 +
 .../child-src/child-src-blocked.sub.html.ini       |  4 ++
 .../child-src-conflicting-frame-src.sub.html.ini   |  5 ++
 .../child-src-cross-origin-load.sub.html.ini       |  6 ++
 .../child-src-redirect-blocked.sub.html.ini        |  4 ++
 .../child-src-worker-allowed.sub.html.ini          |  3 +
 .../child-src-worker-blocked.sub.html.ini          |  3 +
 .../connect-src/__dir__.ini                        |  2 +
 .../connect-src-eventsource-blocked.sub.html.ini   |  3 +
 ...rc-eventsource-redirect-to-blocked.sub.html.ini |  3 +
 .../connect-src-json-import-allowed.sub.html.ini   |  2 +
 .../connect-src-json-import-blocked.sub.html.ini   |  2 +
 .../connect-src-websocket-allowed.sub.html.ini     |  3 +
 .../connect-src-websocket-blocked.sub.html.ini     |  3 +
 .../connect-src-websocket-self.sub.html.ini        |  3 +
 ...connect-src-xmlhttprequest-allowed.sub.html.ini |  3 +
 ...connect-src-xmlhttprequest-blocked.sub.html.ini |  3 +
 ...xmlhttprequest-redirect-to-blocked.sub.html.ini |  3 +
 .../shared-worker-connect-src-allowed.sub.html.ini |  3 +
 .../shared-worker-connect-src-blocked.sub.html.ini |  3 +
 .../worker-connect-src-allowed.sub.html.ini        |  3 +
 .../worker-connect-src-blocked.sub.html.ini        |  3 +
 .../connect-src/worker-from-guid.sub.html.ini      |  3 +
 .../embedded-enforcement/__dir__.ini               |  2 +
 .../allow_csp_from-header.html.ini                 | 16 +++++
 .../embedded-enforcement/idlharness.window.js.ini  |  7 +++
 .../iframe-csp-attribute.html.ini                  | 13 ++++
 .../required-csp-header-cascade.html.ini           | 28 +++++++++
 .../required_csp-header.html.ini                   | 67 ++++++++++++++++++++
 .../subsumption_algorithm-general.html.ini         |  6 ++
 .../subsumption_algorithm-hashes.html.ini          | 18 ++++++
 ...bsumption_algorithm-host_sources-hosts.html.ini | 13 ++++
 ...bsumption_algorithm-host_sources-paths.html.ini | 10 +++
 ...bsumption_algorithm-host_sources-ports.html.ini | 15 +++++
 ...ption_algorithm-host_sources-protocols.html.ini | 13 ++++
 .../subsumption_algorithm-none.html.ini            | 26 ++++++++
 .../subsumption_algorithm-self.html.ini            |  7 +++
 .../subsumption_algorithm-strict_dynamic.html.ini  |  4 ++
 .../subsumption_algorithm-unsafe_eval.html.ini     | 15 +++++
 .../subsumption_algorithm-unsafe_hashes.html.ini   | 13 ++++
 .../subsumption_algorithm-unsafe_inline.html.ini   | 16 +++++
 .../font-stylesheet-font-blocked.sub.html.ini      |  3 +
 .../form-action-src-allowed.sub.html.ini           |  3 +
 .../form-action-src-blocked.sub.html.ini           |  3 +
 .../form-action-src-default-ignored.sub.html.ini   |  3 +
 .../form-action-src-get-allowed.sub.html.ini       |  6 ++
 .../form-action-src-get-blocked.sub.html.ini       |  3 +
 ...form-action-src-javascript-blocked.sub.html.ini |  3 +
 .../form-action-src-javascript-prevented.html.ini  |  3 +
 ...-src-redirect-allowed-target-blank.sub.html.ini |  3 +
 ...-src-redirect-allowed-target-frame.sub.html.ini |  3 +
 .../form-action-src-redirect-blocked.sub.html.ini  |  8 +++
 .../frame-ancestors/__dir__.ini                    |  2 +
 ...ame-ancestors-from-serviceworker.https.html.ini |  9 +++
 ...stors-nested-cross-in-cross-none-block.html.ini |  8 +++
 ...stors-nested-cross-in-cross-self-block.html.ini |  8 +++
 ...stors-nested-cross-in-cross-star-allow.html.ini |  3 +
 ...estors-nested-cross-in-cross-url-allow.html.ini |  3 +
 ...estors-nested-cross-in-cross-url-block.html.ini |  8 +++
 ...estors-nested-cross-in-same-none-block.html.ini |  8 +++
 ...estors-nested-cross-in-same-self-block.html.ini |  8 +++
 ...estors-nested-cross-in-same-star-allow.html.ini |  3 +
 ...cestors-nested-cross-in-same-url-allow.html.ini |  3 +
 ...cestors-nested-cross-in-same-url-block.html.ini |  8 +++
 ...ted-cross-in-sandboxed-cross-url-block.html.ini |  3 +
 ...estors-nested-same-in-cross-none-block.html.ini |  8 +++
 ...estors-nested-same-in-cross-self-block.html.ini |  8 +++
 ...estors-nested-same-in-cross-star-allow.html.ini |  3 +
 ...cestors-nested-same-in-cross-url-allow.html.ini |  3 +
 ...cestors-nested-same-in-cross-url-block.html.ini |  8 +++
 ...cestors-nested-same-in-same-none-block.html.ini |  8 +++
 ...cestors-nested-same-in-same-self-allow.html.ini |  3 +
 ...cestors-nested-same-in-same-star-allow.html.ini |  3 +
 ...ncestors-nested-same-in-same-url-allow.html.ini |  3 +
 ...ncestors-nested-same-in-same-url-block.html.ini |  8 +++
 .../frame-ancestors-none-block.html.ini            |  8 +++
 .../frame-ancestors-overrides-xfo.html.ini         |  8 +++
 ...ame-ancestors-sandbox-same-origin-self.html.ini |  3 +
 .../frame-ancestors-self-allow.html.ini            |  3 +
 .../frame-ancestors-self-block.html.ini            |  8 +++
 ...frame-ancestors-star-allow-crossorigin.html.ini |  3 +
 .../frame-ancestors-star-allow-sameorigin.html.ini |  3 +
 .../frame-ancestors-url-allow.sub.html.ini         |  3 +
 .../frame-ancestors-url-block.html.ini             |  8 +++
 .../report-blocked-frame.sub.html.ini              |  3 +
 .../frame-ancestors/report-only-frame.sub.html.ini |  3 +
 .../frame-src/frame-src-blocked.sub.html.ini       |  4 ++
 .../frame-src-cross-origin-load.sub.html.ini       |  3 +
 ...s-origin-same-document-navigation.window.js.ini |  3 +
 .../frame-src/frame-src-redirect.html.ini          |  5 ++
 .../frame-src/frame-src-same-document.sub.html.ini |  3 +
 .../frame-src-self-unique-origin.html.ini          |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              | 26 ++++++++
 .../sharedworker-import.https.html.ini             | 26 ++++++++
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../script-src-self/worker-classic.http.html.ini   |  3 +
 .../script-src-self/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../script-src-self/worker-import.http.html.ini    | 26 ++++++++
 .../script-src-self/worker-import.https.html.ini   | 26 ++++++++
 .../script-src-self/worker-module.http.html.ini    |  3 +
 .../script-src-self/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../script-src-self/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../script-src-self/worklet-layout.https.html.ini  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 18 ++++++
 .../script-src-self/worklet-paint.https.html.ini   | 20 ++++++
 .../script-src-wildcard/script-tag.http.html.ini   |  3 +
 .../script-src-wildcard/script-tag.https.html.ini  |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-classic.http.html.ini                   |  3 +
 .../worker-classic.https.html.ini                  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-import.http.html.ini                    |  3 +
 .../worker-import.https.html.ini                   |  3 +
 .../worker-module.http.html.ini                    |  3 +
 .../worker-module.https.html.ini                   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worklet-audio.https.html.ini                   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worklet-layout.https.html.ini                  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worklet-paint.https.html.ini                   | 20 ++++++
 .../worker-src-none/script-tag.http.html.ini       |  3 +
 .../worker-src-none/script-tag.https.html.ini      |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-src-none/worker-classic.http.html.ini   |  3 +
 .../worker-src-none/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-src-none/worker-import.http.html.ini    |  3 +
 .../worker-src-none/worker-import.https.html.ini   |  3 +
 .../worker-src-none/worker-module.http.html.ini    |  3 +
 .../worker-src-none/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worker-src-none/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 19 ++++++
 .../worker-src-none/worklet-layout.https.html.ini  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worker-src-none/worklet-paint.https.html.ini   | 20 ++++++
 .../worker-src-self/script-tag.http.html.ini       |  3 +
 .../worker-src-self/script-tag.https.html.ini      |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              | 26 ++++++++
 .../sharedworker-import.https.html.ini             | 26 ++++++++
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-src-self/worker-classic.http.html.ini   |  3 +
 .../worker-src-self/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-src-self/worker-import.http.html.ini    | 26 ++++++++
 .../worker-src-self/worker-import.https.html.ini   | 26 ++++++++
 .../worker-src-self/worker-module.http.html.ini    |  3 +
 .../worker-src-self/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worker-src-self/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worker-src-self/worklet-layout.https.html.ini  | 19 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worker-src-self/worklet-paint.https.html.ini   | 20 ++++++
 .../worker-src-wildcard/script-tag.http.html.ini   |  3 +
 .../worker-src-wildcard/script-tag.https.html.ini  |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-classic.http.html.ini                   |  3 +
 .../worker-classic.https.html.ini                  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-import.http.html.ini                    |  3 +
 .../worker-import.https.html.ini                   |  3 +
 .../worker-module.http.html.ini                    |  3 +
 .../worker-module.https.html.ini                   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 18 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worklet-audio.https.html.ini                   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worklet-layout.https.html.ini                  | 18 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worklet-paint.https.html.ini                   | 20 ++++++
 .../script-src-self/script-tag.http.html.ini       |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              | 26 ++++++++
 .../sharedworker-import.https.html.ini             | 26 ++++++++
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../script-src-self/worker-classic.http.html.ini   |  3 +
 .../script-src-self/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../script-src-self/worker-import.http.html.ini    | 26 ++++++++
 .../script-src-self/worker-import.https.html.ini   | 26 ++++++++
 .../script-src-self/worker-module.http.html.ini    |  3 +
 .../script-src-self/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../script-src-self/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../script-src-self/worklet-layout.https.html.ini  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../script-src-self/worklet-paint.https.html.ini   | 20 ++++++
 .../script-src-wildcard/script-tag.http.html.ini   |  3 +
 .../script-src-wildcard/script-tag.https.html.ini  |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-classic.http.html.ini                   |  3 +
 .../worker-classic.https.html.ini                  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-import.http.html.ini                    |  3 +
 .../worker-import.https.html.ini                   |  3 +
 .../worker-module.http.html.ini                    |  3 +
 .../worker-module.https.html.ini                   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worklet-audio.https.html.ini                   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worklet-layout.https.html.ini                  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worklet-paint.https.html.ini                   | 20 ++++++
 .../worker-src-none/script-tag.http.html.ini       |  3 +
 .../worker-src-none/script-tag.https.html.ini      |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-src-none/worker-classic.http.html.ini   |  3 +
 .../worker-src-none/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-src-none/worker-import.http.html.ini    |  3 +
 .../worker-src-none/worker-import.https.html.ini   |  3 +
 .../worker-src-none/worker-module.http.html.ini    |  3 +
 .../worker-src-none/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worker-src-none/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worker-src-none/worklet-layout.https.html.ini  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worker-src-none/worklet-paint.https.html.ini   | 20 ++++++
 .../worker-src-self/script-tag.http.html.ini       |  3 +
 .../worker-src-self/script-tag.https.html.ini      |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              | 26 ++++++++
 .../sharedworker-import.https.html.ini             | 26 ++++++++
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-src-self/worker-classic.http.html.ini   |  3 +
 .../worker-src-self/worker-classic.https.html.ini  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-src-self/worker-import.http.html.ini    | 26 ++++++++
 .../worker-src-self/worker-import.https.html.ini   | 26 ++++++++
 .../worker-src-self/worker-module.http.html.ini    |  3 +
 .../worker-src-self/worker-module.https.html.ini   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worker-src-self/worklet-audio.https.html.ini   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worker-src-self/worklet-layout.https.html.ini  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worker-src-self/worklet-paint.https.html.ini   | 20 ++++++
 .../worker-src-wildcard/script-tag.http.html.ini   |  3 +
 .../worker-src-wildcard/script-tag.https.html.ini  |  3 +
 .../sharedworker-classic.http.html.ini             |  3 +
 .../sharedworker-classic.https.html.ini            |  3 +
 .../sharedworker-import-data.http.html.ini         |  3 +
 .../sharedworker-import-data.https.html.ini        |  3 +
 .../sharedworker-import.http.html.ini              |  3 +
 .../sharedworker-import.https.html.ini             |  3 +
 .../sharedworker-module.http.html.ini              |  3 +
 .../sharedworker-module.https.html.ini             |  3 +
 .../worker-classic.http.html.ini                   |  3 +
 .../worker-classic.https.html.ini                  |  3 +
 .../worker-import-data.http.html.ini               |  3 +
 .../worker-import-data.https.html.ini              |  3 +
 .../worker-import.http.html.ini                    |  3 +
 .../worker-import.https.html.ini                   |  3 +
 .../worker-module.http.html.ini                    |  3 +
 .../worker-module.https.html.ini                   |  3 +
 .../worklet-animation-import-data.https.html.ini   | 20 ++++++
 .../worklet-animation.https.html.ini               | 20 ++++++
 .../worklet-audio.https.html.ini                   |  3 +
 .../worklet-layout-import-data.https.html.ini      | 20 ++++++
 .../worklet-layout.https.html.ini                  | 20 ++++++
 .../worklet-paint-import-data.https.html.ini       | 20 ++++++
 .../worklet-paint.https.html.ini                   | 20 ++++++
 .../304-response-should-update-csp.sub.html.ini    |  7 +++
 ...eval-typecheck-callout-order.tentative.html.ini |  3 +
 .../filesystem-urls-do-not-match-self.sub.html.ini |  8 +++
 .../filesystem-urls-match-filesystem.sub.html.ini  |  4 ++
 .../generic/generic-0_1-script-src.html.ini        |  3 +
 .../generic/generic-0_10_1.sub.html.ini            |  3 +
 .../generic/generic-0_2.html.ini                   |  3 +
 .../generic/generic-0_2_2.sub.html.ini             |  3 +
 .../generic/generic-0_2_3.html.ini                 |  3 +
 .../generic/generic-0_8.sub.html.ini               |  3 +
 .../generic/generic-0_8_1.sub.html.ini             |  3 +
 .../generic/generic-0_9.sub.html.ini               |  3 +
 .../generic/invalid-characters-in-policy.html.ini  |  3 +
 .../generic/no-default-src.sub.html.ini            |  7 +++
 .../policy-does-not-affect-child.sub.html.ini      |  3 +
 ...icy-inherited-correctly-by-plznavigate.html.ini |  3 +
 .../generic/src-trailing-dot.sub.any.js.ini        | 18 ++++++
 .../img-src/icon-blocked.sub.html.ini              |  7 +++
 .../img-src/img-src-4_1.sub.html.ini               |  3 +
 ...-src-host-partial-wildcard-allowed.sub.html.ini |  3 +
 .../img-src-port-wildcard-allowed.sub.html.ini     |  3 +
 .../img-src/img-src-self-unique-origin.html.ini    |  3 +
 .../img-src/img-src-wildcard-allowed.html.ini      |  3 +
 .../img-src/report-blocked-data-uri.sub.html.ini   |  3 +
 ...eta-http-equiv-with-invalid-characters.html.ini |  4 ++
 ...main-window-self-navigate-inherits.sub.html.ini |  5 ++
 .../inheritance/document-write-iframe.html.ini     |  8 +++
 .../inheritance/frame-src-javascript-url.html.ini  |  5 ++
 .../inheritance/history-iframe.sub.html.ini        | 54 ++++++++++++++++
 .../inheritance/history.sub.html.ini               | 16 +++++
 ...ame-all-local-schemes-inherit-self.sub.html.ini | 12 ++++
 .../iframe-all-local-schemes.sub.html.ini          |  3 +
 .../iframe-srcdoc-history-inheritance.html.ini     |  3 +
 .../inheritance/iframe-srcdoc-inheritance.html.ini |  3 +
 .../inheritance-from-initiator.sub.html.ini        |  3 +
 ...rited-csp-list-modifications-are-local.html.ini |  3 +
 .../javascript-url-open-in-main-window.html.ini    |  5 ++
 ...srcdoc-cross-origin-iframe-inheritance.html.ini |  3 +
 .../inheritance/location-reload.html.ini           |  3 +
 .../inheritance/sandboxed-data-scheme.html.ini     |  3 +
 .../inheritance/unsandboxed-blob-scheme.html.ini   |  6 ++
 .../inheritance/unsandboxed-data-scheme.html.ini   |  6 ++
 ...ow-open-local-after-network-scheme.sub.html.ini |  3 +
 .../inheritance/window.html.ini                    |  3 +
 .../inside-worker/__dir__.ini                      |  1 +
 .../dedicatedworker-script-src.html.ini            | 17 +++++
 .../serviceworker-connect-src.https.sub.html.ini   | 18 ++++++
 .../serviceworker-report-only.https.sub.html.ini   |  3 +
 .../sharedworker-connect-src.sub.html.ini          |  3 +
 .../sharedworker-report-only.sub.html.ini          |  3 +
 .../sharedworker-script-src.sub.html.ini           |  3 +
 .../media-src/media-src-7_1.html.ini               |  2 +
 .../media-src/media-src-7_2.html.ini               | 14 +++++
 .../media-src/media-src-7_3.sub.html.ini           |  3 +
 .../media-src/media-src-7_3_2.sub.html.ini         |  3 +
 .../media-src/media-src-blocked.sub.html.ini       |  3 +
 .../media-src/media-src-redir-bug.sub.html.ini     |  3 +
 .../meta/sandbox-iframe.html.ini                   |  5 ++
 .../navigate-to/__dir__.ini                        |  1 +
 ...-javascript-parent-initiated-child-csp.html.ini |  3 +
 ...t-parent-initiated-parent-csp-disallow.html.ini |  3 +
 ...javascript-parent-initiated-parent-csp.html.ini |  6 ++
 .../to-javascript-url-frame-src.html.ini           |  3 +
 .../to-javascript-url-script-src.html.ini          | 15 +++++
 .../nonce-hiding/svgscript-nonces-hidden.html.ini  |  3 +
 .../object-src/object-src-no-url-blocked.html.ini  |  5 ++
 .../object-src/object-src-url-allowed.html.ini     |  3 +
 .../object-src/object-src-url-blocked.html.ini     |  3 +
 .../object-src-url-embed-allowed.html.ini          |  3 +
 .../object-src-url-embed-blocked.html.ini          |  3 +
 .../object-src-url-redirect-allowed.html.ini       |  3 +
 .../object-src-url-redirect-blocked.sub.html.ini   |  9 +++
 .../plugin-types/__dir__.ini                       |  1 +
 .../prefetch-src/__dir__.ini                       |  1 +
 .../reporting-api/__dir__.ini                      |  1 +
 ...to-directive-allowed-in-meta.https.sub.html.ini |  9 +++
 ...y-sends-reports-on-violation.https.sub.html.ini |  5 ++
 ...ds-reports-to-first-endpoint.https.sub.html.ini |  3 +
 ...rt-to-overrides-report-uri-1.https.sub.html.ini |  3 +
 ...rt-to-overrides-report-uri-2.https.sub.html.ini |  3 +
 ...i-sends-reports-on-violation.https.sub.html.ini |  9 +++
 ...api-works-on-frame-ancestors.https.sub.html.ini |  5 ++
 ...rting-api-works-on-frame-src.https.sub.html.ini |  5 ++
 .../reporting/multiple-report-policies.html.ini    |  4 ++
 .../post-redirect-stacktrace.https.html.ini        |  7 +++
 .../reporting/report-blocked-data-uri.html.ini     |  3 +
 .../reporting/report-blocked-uri.html.ini          |  3 +
 .../reporting/report-clips-sample.https.html.ini   | 10 +++
 .../report-cross-origin-no-cookies.sub.html.ini    | 13 ++++
 ...ame-ancestors-with-x-frame-options.sub.html.ini |  5 ++
 .../reporting/report-frame-ancestors.sub.html.ini  |  9 +++
 .../report-multiple-violations-02.html.ini         |  9 +++
 .../reporting/report-only-in-meta.sub.html.ini     |  3 +
 .../reporting/report-only-unsafe-eval.html.ini     |  3 +
 ...l-url-on-mixed-content-frame.https.sub.html.ini |  5 ++
 .../reporting/report-original-url.sub.html.ini     |  3 +
 .../report-preload-and-consume.https.html.ini      |  6 ++
 .../report-same-origin-with-cookies.html.ini       |  5 ++
 .../reporting/report-strips-fragment.html.ini      |  3 +
 .../report-uri-effective-directive.html.ini        |  3 +
 .../reporting/report-uri-from-child-frame.html.ini |  3 +
 .../report-uri-from-inline-javascript.html.ini     |  3 +
 .../reporting/report-uri-from-javascript.html.ini  |  3 +
 .../report-uri-multiple-reversed.html.ini          |  3 +
 .../reporting/report-uri-multiple.html.ini         |  3 +
 .../reporting/report-uri-scheme-relative.html.ini  |  4 ++
 .../prefetch-allowed-by-any-directive.sub.html.ini | 10 +++
 ...d-with-conflicting-permissive-policies.html.ini |  4 ++
 ...h-blocked-by-default-multiple-policies.html.ini |  4 ++
 .../prefetch-blocked-by-default.html.ini           |  4 ++
 .../prefetch-generate-directives.html.ini          | 72 ++++++++++++++++++++++
 .../prefetch-ignores-prefetch-src.sub.html.ini     |  4 ++
 .../sandbox/sandbox-empty-subframe.sub.html.ini    |  3 +
 .../sandbox/sandbox-empty.sub.html.ini             |  3 +
 .../sandbox/service-worker-sandbox.https.html.ini  |  3 +
 .../sandbox/shared-worker-sandbox.html.ini         |  3 +
 .../sandbox/window-reuse-sandboxed.html.ini        |  3 +
 .../sandbox/window-reuse-unsandboxed.html.ini      |  3 +
 .../script-src-attr-elem/__dir__.ini               |  1 +
 .../content-security-policy/script-src/__dir__.ini |  1 +
 .../hash-always-converted-to-utf-8/utf-8.html.ini  |  3 +
 .../javascript-window-open-blocked.html.ini        |  3 +
 .../script-src/script-src-1_1.html.ini             |  3 +
 .../script-src/script-src-1_10_1.html.ini          |  3 +
 .../script-src/script-src-1_2.html.ini             |  3 +
 .../script-src/script-src-1_2_1.html.ini           |  3 +
 .../script-src/script-src-1_3.html.ini             |  3 +
 .../script-src/script-src-1_4.html.ini             |  3 +
 .../script-src/script-src-1_4_1.html.ini           |  5 ++
 .../script-src/script-src-1_4_2.html.ini           |  3 +
 ...e-policies-multiple-hashing-algorithms.html.ini |  3 +
 ...-policies-one-using-hashing-algorithms.html.ini |  3 +
 .../script-src-overrides-default-src.sub.html.ini  |  3 +
 ...ort-only-policy-works-with-hash-policy.html.ini |  3 +
 ...rc-strict_dynamic_and_unsafe_eval_eval.html.ini |  3 +
 ...t_dynamic_and_unsafe_eval_new_function.html.ini |  3 +
 ...ict_dynamic_discard_source_expressions.html.ini |  3 +
 ..._dynamic_double_policy_different_nonce.html.ini |  3 +
 ...le_policy_honor_source_expressions.sub.html.ini |  3 +
 ...rict_dynamic_double_policy_report_only.html.ini |  3 +
 .../script-src-strict_dynamic_eval.html.ini        |  3 +
 .../script-src-strict_dynamic_hashes.html.ini      |  3 +
 .../script-src-strict_dynamic_in_img-src.html.ini  |  3 +
 ...ript-src-strict_dynamic_javascript_uri.html.ini |  3 +
 .../script-src-strict_dynamic_meta_tag.html.ini    |  3 +
 ...script-src-strict_dynamic_new_function.html.ini |  3 +
 ...src-strict_dynamic_non_parser_inserted.html.ini |  3 +
 ...ic_non_parser_inserted_incorrect_nonce.html.ini |  3 +
 ...ipt-src-strict_dynamic_parser_inserted.html.ini |  3 +
 ..._dynamic_parser_inserted_correct_nonce.html.ini |  3 +
 ...ict_dynamic_worker-importScripts.https.html.ini |  3 +
 ...script-src-strict_dynamic_worker.https.html.ini |  3 +
 .../script-src-wildcards-disallowed.html.ini       |  3 +
 .../script-src/scripthash-allowed.sub.html.ini     |  3 +
 ...thash-base64url-converts-to-base64.sub.html.ini |  3 +
 .../scripthash-basic-blocked-error-event.html.ini  |  3 +
 .../scripthash-basic-blocked.sub.html.ini          |  3 +
 .../scripthash-case-insensitive.sub.html.ini       |  3 +
 .../script-src/scripthash-changed-1.html.ini       |  5 ++
 .../script-src/scripthash-changed-2.html.ini       |  3 +
 .../script-src/scripthash-default-src.sub.html.ini |  3 +
 .../scripthash-ignore-unsafeinline.sub.html.ini    |  3 +
 .../scripthash-unicode-normalization.sub.html.ini  |  3 +
 .../script-src/scriptnonce-allowed.sub.html.ini    |  3 +
 .../scriptnonce-and-scripthash.sub.html.ini        |  3 +
 .../scriptnonce-basic-blocked.sub.html.ini         |  5 ++
 .../script-src/scriptnonce-changed-1.html.ini      |  3 +
 .../script-src/scriptnonce-changed-2.html.ini      |  3 +
 .../scriptnonce-ignore-unsafeinline.sub.html.ini   |  3 +
 .../script-src/scriptnonce-redirect.sub.html.ini   |  3 +
 .../scriptnonce-specified-source.sub.html.ini      |  3 +
 .../srcdoc-doesnt-bypass-script-src.sub.html.ini   |  3 +
 .../script-src/worker-eval-blocked.sub.html.ini    |  3 +
 .../worker-function-function-blocked.sub.html.ini  |  3 +
 .../script-src/worker-importscripts.sub.html.ini   |  3 +
 .../script-src/worker-script-src.sub.html.ini      |  3 +
 .../script-src/worker-set-timeout.sub.html.ini     |  3 +
 .../securitypolicyviolation/__dir__.ini            |  1 +
 .../blockeduri-ws-wss-scheme.html.ini              |  3 +
 .../constructor-required-fields.html.ini           | 19 ++++++
 .../idlharness.window.js.ini                       | 56 +++++++++++++++++
 .../img-src-redirect.sub.html.ini                  |  3 +
 .../inside-dedicated-worker.html.ini               |  3 +
 .../inside-service-worker.https.html.ini           |  4 ++
 .../inside-shared-worker.html.ini                  |  3 +
 .../script-sample-no-opt-in.html.ini               |  5 ++
 .../securitypolicyviolation/script-sample.html.ini |  5 ++
 ...ock-cross-origin-image-from-script.sub.html.ini |  3 +
 ...yviolation-block-image-from-script.sub.html.ini |  3 +
 .../source-file-blob-scheme.html.ini               |  3 +
 .../source-file-data-scheme.html.ini               |  3 +
 .../securitypolicyviolation/source-file.html.ini   |  4 ++
 .../style-sample-no-opt-in.html.ini                |  3 +
 .../securitypolicyviolation/style-sample.html.ini  |  3 +
 .../securitypolicyviolation/targeting.html.ini     | 11 ++++
 ...rade-insecure-requests-reporting.https.html.ini |  7 +++
 .../style-src-elem-blocked-attr-allowed.html.ini   |  3 +
 .../style-src-elem-blocked-src-allowed.html.ini    |  3 +
 .../style-src/import-style-allowed.sub.html.ini    |  2 +
 .../style-src/import-style-blocked.sub.html.ini    |  2 +
 ...tyle-allowed-while-cloning-objects.sub.html.ini |  6 ++
 .../inline-style-attribute-allowed.sub.html.ini    |  3 +
 .../inline-style-attribute-blocked.sub.html.ini    |  3 +
 .../inline-style-attribute-on-html.sub.html.ini    |  3 +
 .../style-src/inline-style-blocked.sub.html.ini    |  3 +
 .../style-src/style-blocked.html.ini               |  5 ++
 .../style-src/style-src-error-event-fires.html.ini |  6 ++
 .../style-src/style-src-hash-allowed.html.ini      |  3 +
 .../style-src/style-src-hash-blocked.html.ini      |  3 +
 .../style-src-hash-case-insensitive.html.ini       |  3 +
 .../style-src-hash-default-src-allowed.html.ini    |  3 +
 .../style-src-imported-style-allowed.sub.html.ini  |  3 +
 .../style-src-imported-style-blocked.html.ini      |  3 +
 ...inline-style-allowed-with-content-hash.html.ini |  3 +
 ...tyle-src-injected-inline-style-allowed.html.ini |  3 +
 ...tyle-src-injected-inline-style-blocked.html.ini |  3 +
 ...le-src-injected-stylesheet-allowed.sub.html.ini |  3 +
 ...le-src-injected-stylesheet-blocked.sub.html.ini |  3 +
 .../style-src-inline-style-allowed.html.ini        |  3 +
 ...yle-src-inline-style-attribute-allowed.html.ini |  3 +
 ...yle-src-inline-style-attribute-blocked.html.ini |  3 +
 .../style-src-inline-style-blocked.html.ini        |  3 +
 .../style-src-inline-style-nonce-allowed.html.ini  |  3 +
 ...inline-style-nonce-blocked-error-event.html.ini |  6 ++
 .../style-src-inline-style-nonce-blocked.html.ini  |  3 +
 ...e-policies-multiple-hashing-algorithms.html.ini |  7 +++
 .../style-src/style-src-none-blocked.html.ini      |  3 +
 .../style-src/style-src-star-allowed.html.ini      |  3 +
 .../style-src-stylesheet-nonce-allowed.html.ini    |  3 +
 .../style-src-stylesheet-nonce-blocked.html.ini    |  3 +
 .../style-src/stylehash-allowed.sub.html.ini       |  3 +
 .../style-src/stylehash-basic-blocked.sub.html.ini |  3 +
 .../style-src/stylehash-default-src.sub.html.ini   |  3 +
 .../style-src/stylenonce-allowed.sub.html.ini      |  3 +
 .../style-src/stylenonce-blocked.sub.html.ini      |  3 +
 .../svg/object-in-svg-foreignobject.sub.html.ini   |  2 +
 .../unsafe-eval/eval-blocked.sub.html.ini          |  3 +
 .../eval-scripts-setInterval-allowed.sub.html.ini  |  3 +
 .../eval-scripts-setTimeout-allowed.sub.html.ini   |  3 +
 .../eval-scripts-setTimeout-blocked.sub.html.ini   |  6 ++
 .../function-constructor-allowed.sub.html.ini      |  3 +
 .../function-constructor-blocked.sub.html.ini      |  3 +
 .../unsafe-hashes/__dir__.ini                      |  1 +
 .../javascript_src_allowed-href_blank.html.ini     |  3 +
 ...javascript_src_allowed-window_location.html.ini |  3 +
 .../javascript_src_allowed-window_open.html.ini    |  3 +
 ...safe_hashes-href_blank-script-src-attr.html.ini |  3 +
 ...safe_hashes-href_blank-script-src-elem.html.ini |  3 +
 ...enied_missing_unsafe_hashes-href_blank.html.ini |  3 +
 ..._missing_unsafe_hashes-window_location.html.ini |  3 +
 ...nied_missing_unsafe_hashes-window_open.html.ini |  3 +
 .../javascript_src_denied_wrong_hash-href.html.ini |  3 +
 ..._wrong_hash-href_blank-script-src-attr.html.ini |  3 +
 ..._wrong_hash-href_blank-script-src-elem.html.ini |  3 +
 ...cript_src_denied_wrong_hash-href_blank.html.ini |  3 +
 ..._src_denied_wrong_hash-window_location.html.ini |  3 +
 ...ript_src_denied_wrong_hash-window_open.html.ini |  3 +
 .../script_event_handlers_allowed.html.ini         |  3 +
 ..._handlers_denied_missing_unsafe_hashes.html.ini |  3 +
 ...cript_event_handlers_denied_wrong_hash.html.ini |  3 +
 .../unsafe-hashes/style_attribute_allowed.html.ini |  3 +
 ...attribute_denied_missing_unsafe_hashes.html.ini |  3 +
 .../style_attribute_denied_wrong_hash.html.ini     |  3 +
 .../default-src-blocks-wasm.any.js.ini             | 13 ++++
 .../default-src-unsafe-eval-allows-wasm.any.js.ini | 15 +++++
 ...ult-src-wasm-unsafe-eval-allows-wasm.any.js.ini | 15 +++++
 .../postMessage-wasm-module.html.ini               |  3 +
 .../script-src-blocks-wasm.any.js.ini              | 15 +++++
 .../script-src-spv-asynch.any.js.ini               | 15 +++++
 .../script-src-unsafe-eval-allows-wasm.any.js.ini  | 15 +++++
 ...ipt-src-wasm-unsafe-eval-allows-wasm.any.js.ini | 15 +++++
 .../webrtc/webrtc-allowed-explicit.html.ini        |  3 +
 .../webrtc/webrtc-blocked-explicit.html.ini        |  3 +
 .../webrtc/webrtc-blocked-unknown.html.ini         |  5 ++
 .../content-security-policy/worker-src/__dir__.ini |  1 +
 .../worker-src/dedicated-none.sub.html.ini         |  7 +++
 .../worker-src/dedicated-self.sub.html.ini         |  3 +
 ...-worker-src-child-fallback-blocked.sub.html.ini |  5 ++
 ...edicated-worker-src-child-fallback.sub.html.ini |  3 +
 ...icated-worker-src-default-fallback.sub.html.ini |  3 +
 ...dicated-worker-src-script-fallback.sub.html.ini |  3 +
 ...dedicated-worker-src-self-fallback.sub.html.ini |  3 +
 .../worker-src/service-child.https.sub.html.ini    |  6 ++
 .../worker-src/service-fallback.https.sub.html.ini |  3 +
 .../worker-src/service-list.https.sub.html.ini     |  3 +
 .../worker-src/service-none.https.sub.html.ini     |  5 ++
 .../worker-src/service-self.https.sub.html.ini     |  3 +
 ...r-src-child-fallback-blocked.https.sub.html.ini |  5 ++
 ...ce-worker-src-child-fallback.https.sub.html.ini |  3 +
 ...-worker-src-default-fallback.https.sub.html.ini |  3 +
 ...e-worker-src-script-fallback.https.sub.html.ini |  3 +
 ...ice-worker-src-self-fallback.https.sub.html.ini |  3 +
 .../worker-src/shared-child.sub.html.ini           |  3 +
 .../worker-src/shared-fallback.sub.html.ini        |  6 ++
 .../worker-src/shared-list.sub.html.ini            |  3 +
 .../worker-src/shared-none.sub.html.ini            |  8 +++
 .../worker-src/shared-self.sub.html.ini            |  3 +
 ...-worker-src-child-fallback-blocked.sub.html.ini |  5 ++
 .../shared-worker-src-child-fallback.sub.html.ini  |  3 +
 ...shared-worker-src-default-fallback.sub.html.ini |  3 +
 .../shared-worker-src-script-fallback.sub.html.ini |  3 +
 .../shared-worker-src-self-fallback.sub.html.ini   |  3 +
 641 files changed, 4156 insertions(+)
 create mode 100644 testing/web-platform/meta/content-security-policy/base-uri/base-uri-allow-leading-zero-port.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-conflicting-frame-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-cross-origin-load.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-redirect-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-worker-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/child-src/child-src-worker-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-self.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/connect-src/worker-from-guid.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-default-ignored.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-prevented.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-blank.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-frame.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-sandbox-same-origin-self.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-allow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-crossorigin.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-sameorigin.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-allow.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-block.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.http.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/eval-typecheck-callout-order.tentative.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_1-script-src.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_2_3.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_8.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_8_1.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/generic-0_9.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/no-default-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/policy-does-not-affect-child.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/icon-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/img-src-4_1.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/img-src-host-partial-wildcard-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/img-src-port-wildcard-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/img-src-wildcard-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/blob-inherits-from-meta-http-equiv-with-invalid-characters.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/document-write-iframe.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/history-iframe.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/history.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/location-reload.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inheritance/window.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-7_1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-7_2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-7_3.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/media-src/media-src-redir-bug.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/meta/sandbox-iframe.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigate-to/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp-disallow.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-frame-src.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/plugin-types/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/prefetch-src/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/multiple-report-policies.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-blocked-uri.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-clips-sample.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-only-in-meta.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-original-url.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-strips-fragment.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/window-reuse-sandboxed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src-attr-elem/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_10_1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_2_1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_3.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_4.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-multiple-hashing-algorithms.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-one-using-hashing-algorithms.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-overrides-default-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_eval.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_new_function.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_report_only.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_eval.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_hashes.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_in_img-src.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_new_function.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted_correct_nonce.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker-importScripts.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/script-src-wildcards-disallowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-base64url-converts-to-base64.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked-error-event.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-default-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-ignore-unsafeinline.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-1.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-2.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-redirect.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/scriptnonce-specified-source.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/worker-script-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/blockeduri-ws-wss-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/constructor-required-fields.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/idlharness.window.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/img-src-redirect.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-service-worker.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-shared-worker.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample-no-opt-in.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-image-from-script.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-blob-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-data-scheme.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample-no-opt-in.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/targeting.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/securitypolicyviolation/upgrade-insecure-requests-reporting.https.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-on-html.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-hash-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-hash-case-insensitive.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-hash-default-src-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed-with-content-hash.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-none-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-star-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/stylehash-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/stylehash-default-src.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/eval-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-attr.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-attr.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_allowed.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-blocks-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-unsafe-eval-allows-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-wasm-unsafe-eval-allows-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/postMessage-wasm-module.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-blocks-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-spv-asynch.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-unsafe-eval-allows-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-wasm-unsafe-eval-allows-wasm.any.js.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/__dir__.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-self.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-default-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-script-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-self-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-child.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-list.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-none.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-self.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-child.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-list.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-none.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-self.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini
 create mode 100644 testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini

(limited to 'testing/web-platform/meta/content-security-policy')

diff --git a/testing/web-platform/meta/content-security-policy/base-uri/base-uri-allow-leading-zero-port.sub.html.ini b/testing/web-platform/meta/content-security-policy/base-uri/base-uri-allow-leading-zero-port.sub.html.ini
new file mode 100644
index 0000000000..a568f6f173
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/base-uri/base-uri-allow-leading-zero-port.sub.html.ini
@@ -0,0 +1,3 @@
+[base-uri-allow-leading-zero-port.sub.html]
+  [Check that base URIs can be set if they do not violate the page's policy because leading 0s are stripped from the port.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini b/testing/web-platform/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
new file mode 100644
index 0000000000..8b8309445a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/blob/self-doesnt-match-blob.sub.html.ini
@@ -0,0 +1,2 @@
+[self-doesnt-match-blob.sub.html]
+  disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1273241
diff --git a/testing/web-platform/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini b/testing/web-platform/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
new file mode 100644
index 0000000000..920a278be8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/blob/star-doesnt-match-blob.sub.html.ini
@@ -0,0 +1,2 @@
+[star-doesnt-match-blob.sub.html]
+  disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1273241
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..71e9b47a15
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[child-src-blocked.sub.html]
+  [Expecting logs: ["PASS IFrame #1 generated a load event.", "violated-directive=frame-src"\]]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-conflicting-frame-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-conflicting-frame-src.sub.html.ini
new file mode 100644
index 0000000000..d58fbf283e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-conflicting-frame-src.sub.html.ini
@@ -0,0 +1,5 @@
+[child-src-conflicting-frame-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Expecting logs: ["PASS IFrame #1 generated a load event.", "violated-directive=frame-src"\]]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-cross-origin-load.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-cross-origin-load.sub.html.ini
new file mode 100644
index 0000000000..efa7bad60d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-cross-origin-load.sub.html.ini
@@ -0,0 +1,6 @@
+[child-src-cross-origin-load.sub.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, ERROR]
+    ERROR
+  [Navigation in iframe not allowed by child-src]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-redirect-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-redirect-blocked.sub.html.ini
new file mode 100644
index 0000000000..7d5eaadc5a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-redirect-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[child-src-redirect-blocked.sub.html]
+  [Expecting logs: ["PASS IFrame #1 generated a load event.", "violated-directive=frame-src"\]]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-allowed.sub.html.ini
new file mode 100644
index 0000000000..611439ee07
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[child-src-worker-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-blocked.sub.html.ini
new file mode 100644
index 0000000000..12c81a1dae
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/child-src/child-src-worker-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[child-src-worker-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/__dir__.ini b/testing/web-platform/meta/content-security-policy/connect-src/__dir__.ini
new file mode 100644
index 0000000000..b9f5886878
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/__dir__.ini
@@ -0,0 +1,2 @@
+lsan-disabled: true
+leak-threshold: [default:51200]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html.ini
new file mode 100644
index 0000000000..ae1da6d1b6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-eventsource-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html.ini
new file mode 100644
index 0000000000..40388a1dd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-eventsource-redirect-to-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-eventsource-redirect-to-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html.ini
new file mode 100644
index 0000000000..a9cc8da56d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-allowed.sub.html.ini
@@ -0,0 +1,2 @@
+[connect-src-json-import-allowed.sub.html]
+  expected: ERROR
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html.ini
new file mode 100644
index 0000000000..f84b0f2c95
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-json-import-blocked.sub.html.ini
@@ -0,0 +1,2 @@
+[connect-src-json-import-blocked.sub.html]
+  expected: ERROR
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html.ini
new file mode 100644
index 0000000000..4cab2d75f8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-websocket-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html.ini
new file mode 100644
index 0000000000..eead57bc0f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-websocket-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-self.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-self.sub.html.ini
new file mode 100644
index 0000000000..bbaf8693e0
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-websocket-self.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-websocket-self.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html.ini
new file mode 100644
index 0000000000..d1095be9d4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-xmlhttprequest-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html.ini
new file mode 100644
index 0000000000..b0b7fd7c58
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-xmlhttprequest-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.ini
new file mode 100644
index 0000000000..7054d78876
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/connect-src-xmlhttprequest-redirect-to-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[connect-src-xmlhttprequest-redirect-to-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-allowed.sub.html.ini
new file mode 100644
index 0000000000..6f8e5d6950
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-connect-src-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..b8494a7152
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/shared-worker-connect-src-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-connect-src-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-allowed.sub.html.ini
new file mode 100644
index 0000000000..d759338d77
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-connect-src-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..fbeb9cc10c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/worker-connect-src-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-connect-src-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/connect-src/worker-from-guid.sub.html.ini b/testing/web-platform/meta/content-security-policy/connect-src/worker-from-guid.sub.html.ini
new file mode 100644
index 0000000000..a325a7fd3f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/connect-src/worker-from-guid.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-from-guid.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/__dir__.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/__dir__.ini
new file mode 100644
index 0000000000..7a5cbf999c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/__dir__.ini
@@ -0,0 +1,2 @@
+implementation-status: not-implementing
+bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1553130
\ No newline at end of file
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
new file mode 100644
index 0000000000..21cab9e30f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/allow_csp_from-header.html.ini
@@ -0,0 +1,16 @@
+[allow_csp_from-header.html]
+  [Cross origin iframe with an empty Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Cross origin iframe without Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Iframe with improper Allow-CSP-From header gets blocked.]
+    expected: FAIL
+
+  [Star Allow-CSP-From header enforces EmbeddingCSP.]
+    expected: FAIL
+
+  [Allow-CSP-From header enforces EmbeddingCSP.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
new file mode 100644
index 0000000000..f4848f7461
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/idlharness.window.js.ini
@@ -0,0 +1,7 @@
+[idlharness.window.html]
+  [HTMLIFrameElement interface: attribute csp]
+    expected: FAIL
+
+  [HTMLIFrameElement interface: document.createElement("iframe") must inherit property "csp" with the proper type]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
new file mode 100644
index 0000000000..6977d4fe21
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/iframe-csp-attribute.html.ini
@@ -0,0 +1,13 @@
+[iframe-csp-attribute.html]
+  [<iframe> has a 'csp' attibute which is an empty string if undefined.]
+    expected: FAIL
+
+  [<iframe>'s csp attribute is always a string.]
+    expected: FAIL
+
+  [<iframe>'s 'csp content attribute reflects the IDL attribute.]
+    expected: FAIL
+
+  [<iframe>'s IDL attribute reflects the DOM attribute.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
new file mode 100644
index 0000000000..e13604688a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/required-csp-header-cascade.html.ini
@@ -0,0 +1,28 @@
+[required-csp-header-cascade.html]
+  [Test same origin: Test same policy for both iframes]
+    expected: FAIL
+
+  [Test same origin: Test more restrictive policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test less restrictive policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test no policy on second iframe]
+    expected: FAIL
+
+  [Test same origin: Test no policy on first iframe]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on first iframe (bad directive)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on first iframe (report directive)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on second iframe (bad directive)]
+    expected: FAIL
+
+  [Test same origin: Test invalid policy on second iframe (report directive)]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
new file mode 100644
index 0000000000..b15f274358
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/required_csp-header.html.ini
@@ -0,0 +1,67 @@
+[required_csp-header.html]
+  [Test Required-CSP value on `csp` change: Sec-Required-CSP is not sent if `csp` attribute is not set on <iframe>.]
+    expected: FAIL
+
+  [Test same origin: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test same origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test cross origin redirect: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Send Sec-Required-CSP when `csp` attribute of <iframe> is not empty.]
+    expected: FAIL
+
+  [Test same origin: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test same origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test cross origin redirect: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test cross origin redirect of cross origin iframe: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Send Sec-Required-CSP Header on change of `src` attribute on iframe.]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - gibberish csp]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - unknown policy name]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - unknown policy name in multiple directives]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - misspeled 'none']
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - query values in path]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - missing semicolon]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - comma separated]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - html encoded string]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - url encoded string]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - report-uri present]
+    expected: FAIL
+
+  [Test Required-CSP value on `csp` change: Wrong value of `csp` should not trigger sending Sec-Required-CSP Header - report-to present]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
new file mode 100644
index 0000000000..652e50be05
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
@@ -0,0 +1,6 @@
+[subsumption_algorithm-general.html]
+  [Iframe with empty returned CSP should be blocked.]
+    expected: FAIL
+
+  [Iframe with a different CSP should be blocked.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini
new file mode 100644
index 0000000000..52a0659941
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-hashes.html.ini
@@ -0,0 +1,18 @@
+[subsumption_algorithm-hashes.html]
+  [Returned should not include hashes not present in required csp.]
+    expected: FAIL
+
+  [Hashes do not have to be present in returned csp but must not allow all inline behavior.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected: FAIL
+
+  [Required csp must allow 'sha256-abc123'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'sha256-abc123' is not subsumed.]
+    expected: FAIL
+
+  ['sha256-abc123' is not subsumed by 'sha256-abc456'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini
new file mode 100644
index 0000000000..ab926be2b7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-hosts.html.ini
@@ -0,0 +1,13 @@
+[subsumption_algorithm-host_sources-hosts.html]
+  [Host must match.]
+    expected: FAIL
+
+  [Hosts without wildcards must match.]
+    expected: FAIL
+
+  [More specific subdomain should not match.]
+    expected: FAIL
+
+  [Specified host should not match a wildcard host.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini
new file mode 100644
index 0000000000..9cccb2793a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-paths.html.ini
@@ -0,0 +1,10 @@
+[subsumption_algorithm-host_sources-paths.html]
+  [Returned CSP must specify a path.]
+    expected: FAIL
+
+  [Empty path is not subsumed by specified paths.]
+    expected: FAIL
+
+  [That should not be true when required csp specifies a specific page.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini
new file mode 100644
index 0000000000..2e93544905
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-ports.html.ini
@@ -0,0 +1,15 @@
+[subsumption_algorithm-host_sources-ports.html]
+  [Specified ports must match.]
+    expected:
+      if debug and (os == "linux"): ["FAIL", "PASS"]
+      FAIL
+
+  [Returned CSP should be subsumed if the port is specified but is not default for a more secure scheme.]
+    expected: FAIL
+
+  [Wildcard port should not be subsumed by a default port.]
+    expected: FAIL
+
+  [Wildcard port should not be subsumed by a spcified port.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini
new file mode 100644
index 0000000000..ec4dcc0177
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-host_sources-protocols.html.ini
@@ -0,0 +1,13 @@
+[subsumption_algorithm-host_sources-protocols.html]
+  [`https` is more restrictive than `http`.]
+    expected: FAIL
+
+  [`http:` does not subsume other protocols.]
+    expected: FAIL
+
+  [If scheme source is present in returned csp, it must be specified in required csp too.]
+    expected: FAIL
+
+  [All scheme sources must be subsumed.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
new file mode 100644
index 0000000000..1a05c2d95b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-none.html.ini
@@ -0,0 +1,26 @@
+[subsumption_algorithm-none.html]
+  [Required policy that allows `none` does not subsume empty list of policies.]
+    expected:
+      if (os == "linux") and debug: ["FAIL", "PASS"]
+      FAIL
+
+  [Required csp with effective `none` does not subsume a host source expression.]
+    expected:
+      if debug: ["FAIL", "PASS"]
+      FAIL
+
+  [Required csp with `none` does not subsume a host source expression.]
+    expected: FAIL
+
+  [Required csp with effective `none` does not subsume `none` of another directive.]
+    expected: FAIL
+
+  [Required csp with `none` does not subsume `none` of another directive.]
+    expected: FAIL
+
+  [Required csp with `none` does not subsume `none` of different directives.]
+    expected: FAIL
+
+  [Both required and returned csp are `none` for only one directive.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini
new file mode 100644
index 0000000000..1fce751c20
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-self.html.ini
@@ -0,0 +1,7 @@
+[subsumption_algorithm-self.html]
+  [Returned CSP must not allow 'self' if required CSP does not.]
+    expected: FAIL
+
+  [Returned 'self' should not be subsumed by a more secure version of origin's url.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
new file mode 100644
index 0000000000..acf6b7f871
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
@@ -0,0 +1,4 @@
+[subsumption_algorithm-strict_dynamic.html]
+  ['strict-dynamic' has to be allowed by required csp if it is present in returned csp.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini
new file mode 100644
index 0000000000..4332f29925
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_eval.html.ini
@@ -0,0 +1,15 @@
+[subsumption_algorithm-unsafe_eval.html]
+  [No other keyword has the same effect as 'unsafe-eval'.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected:
+      if (os == "linux") and debug and not fission: ["FAIL", "PASS"]
+      FAIL
+
+  [Required csp must allow 'unsafe-eval'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'unsafe-eval' is not subsumed.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini
new file mode 100644
index 0000000000..11d72acb84
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_hashes.html.ini
@@ -0,0 +1,13 @@
+[subsumption_algorithm-unsafe_hashes.html]
+  [No other keyword has the same effect as 'unsafe-hashes'.]
+    expected: FAIL
+
+  [Other expressions have to be subsumed.]
+    expected: FAIL
+
+  [Required csp must allow 'unsafe-hashes'.]
+    expected: FAIL
+
+  [Effective policy is properly found where 'unsafe-hashes' is not subsumed.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini
new file mode 100644
index 0000000000..e99202a430
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-unsafe_inline.html.ini
@@ -0,0 +1,16 @@
+[subsumption_algorithm-unsafe_inline.html]
+  [Required csp allows `strict-dynamic`, but retuned csp does.]
+    expected: FAIL
+
+  [Required csp does not allow `unsafe-inline`, but retuned csp does.]
+    expected: FAIL
+
+  [Effective returned csp allows 'unsafe-inline']
+    expected: FAIL
+
+  [Returned csp allows a nonce.]
+    expected: FAIL
+
+  [Returned csp allows a hash.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
new file mode 100644
index 0000000000..c8fae468f6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/font-src/font-stylesheet-font-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[font-stylesheet-font-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-allowed.sub.html.ini
new file mode 100644
index 0000000000..d75bdfa90c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..0710f2868d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-default-ignored.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-default-ignored.sub.html.ini
new file mode 100644
index 0000000000..d0fac2fec5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-default-ignored.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-default-ignored.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-allowed.sub.html.ini
new file mode 100644
index 0000000000..dbb7081deb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-allowed.sub.html.ini
@@ -0,0 +1,6 @@
+[form-action-src-get-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Expecting logs: ["PASS","TEST COMPLETE"\]]
+    expected:
+      if (processor == "x86") and (os == "win") and not debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
new file mode 100644
index 0000000000..426773a1c7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-get-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-get-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini
new file mode 100644
index 0000000000..4dafdfc4ea
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-javascript-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-prevented.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-prevented.html.ini
new file mode 100644
index 0000000000..2d2ecbc7eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-javascript-prevented.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-javascript-prevented.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-blank.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-blank.sub.html.ini
new file mode 100644
index 0000000000..64a665e349
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-blank.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-redirect-allowed-target-blank.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-frame.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-frame.sub.html.ini
new file mode 100644
index 0000000000..add50a2daa
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-allowed-target-frame.sub.html.ini
@@ -0,0 +1,3 @@
+[form-action-src-redirect-allowed-target-frame.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini
new file mode 100644
index 0000000000..f1e807a383
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/form-action/form-action-src-redirect-blocked.sub.html.ini
@@ -0,0 +1,8 @@
+[form-action-src-redirect-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [form-action-src-redirect-blocked]
+    expected: FAIL
+
+  [Expecting logs: ["violated-directive=form-action","blocked-uri=http://web-platform.test:8000/common/redirect.py?location=http://www1.web-platform.test:8000/content-security-policy/support/postmessage-fail.html","TEST COMPLETE"\]]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/__dir__.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/__dir__.ini
new file mode 100644
index 0000000000..3b0e8936db
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/__dir__.ini
@@ -0,0 +1,2 @@
+lsan-allowed: [Alloc, AllocateProtoAndIfaceCache, alloc::raw_vec::finish_grow, mozilla::detail::HashTable, mozilla::dom::Performance::CreateForMainThread, mozilla::dom::PerformanceMainThread::CreateNavigationTimingEntry, mozilla::dom::ProtoAndIfaceCache::PageTableCache::EntrySlotOrCreate, mozilla::intl::FluentBundle::Constructor, mozilla::intl::FluentResource::Constructor, mozilla::net::nsStandardURL::TemplatedMutator, nsDynamicAtom::Create, nsPresContext::NotifyContentfulPaint]
+leak-threshold: [tab:409600]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini
new file mode 100644
index 0000000000..1f3b994d86
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-from-serviceworker.https.html.ini
@@ -0,0 +1,9 @@
+[frame-ancestors-from-serviceworker.https.html]
+  expected:
+    if (os == "linux") and asan and not fission: [OK, CRASH]
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive set from a serviceworker response with a value 'none' should block rendering.]
+    expected:
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+      if (os == "android") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini
new file mode 100644
index 0000000000..1e9d094c5f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-none-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-cross-none-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini
new file mode 100644
index 0000000000..b7c2b0bb97
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-self-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-cross-self-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html.ini
new file mode 100644
index 0000000000..ed0c0e867b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-star-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-cross-star-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html.ini
new file mode 100644
index 0000000000..cc679d992b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-cross-url-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini
new file mode 100644
index 0000000000..312a5835bf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-cross-url-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-cross-url-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html.ini
new file mode 100644
index 0000000000..256a593099
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-same-none-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html.ini
new file mode 100644
index 0000000000..c4bc352850
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-same-self-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html.ini
new file mode 100644
index 0000000000..8273e3e2ca
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-star-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-same-star-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html.ini
new file mode 100644
index 0000000000..67945112b3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-same-url-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html.ini
new file mode 100644
index 0000000000..3075749bca
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-url-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-cross-in-same-url-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html.ini
new file mode 100644
index 0000000000..12aae2c4a6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini
new file mode 100644
index 0000000000..04c0b512b7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-none-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-same-in-cross-none-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini
new file mode 100644
index 0000000000..8f9dab50d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-self-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-same-in-cross-self-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'same' should block render in same-origin nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html.ini
new file mode 100644
index 0000000000..eeab3ec0a2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-star-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-cross-star-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html.ini
new file mode 100644
index 0000000000..75373c48d2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-cross-url-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini
new file mode 100644
index 0000000000..64d1d9730b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-cross-url-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-same-in-cross-url-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini
new file mode 100644
index 0000000000..a6180a1437
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-none-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-same-in-same-none-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering in nested frames.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html.ini
new file mode 100644
index 0000000000..c7e92a71b0
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-same-self-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html.ini
new file mode 100644
index 0000000000..29e58279ba
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-star-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-same-star-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html.ini
new file mode 100644
index 0000000000..6756475bcc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-nested-same-in-same-url-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini
new file mode 100644
index 0000000000..ca43bb507a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-url-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-nested-same-in-same-url-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a URL value should block or allow rendering in nested frames as appropriate.]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+      if (os == "android") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
new file mode 100644
index 0000000000..e97c0bbe33
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-none-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-none-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'none' should block rendering.]
+    expected:
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+      if (os == "android") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini
new file mode 100644
index 0000000000..ed28c71025
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-overrides-xfo.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-overrides-xfo.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive overrides an 'x-frame-options' header which would allow the page.]
+    expected:
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+      if (os == "android") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-sandbox-same-origin-self.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-sandbox-same-origin-self.html.ini
new file mode 100644
index 0000000000..8dcc8524f6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-sandbox-same-origin-self.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-sandbox-same-origin-self.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-allow.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-allow.html.ini
new file mode 100644
index 0000000000..646768e3df
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-allow.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-self-allow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-block.html.ini
new file mode 100644
index 0000000000..f9801eb243
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-self-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-self-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a value 'self' should block rendering.]
+    expected:
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+      if (os == "android") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-crossorigin.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-crossorigin.html.ini
new file mode 100644
index 0000000000..28434e79fc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-crossorigin.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-star-allow-crossorigin.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-sameorigin.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-sameorigin.html.ini
new file mode 100644
index 0000000000..779d099578
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-star-allow-sameorigin.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-star-allow-sameorigin.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-allow.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-allow.sub.html.ini
new file mode 100644
index 0000000000..72019d59b6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-allow.sub.html.ini
@@ -0,0 +1,3 @@
+[frame-ancestors-url-allow.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-block.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-block.html.ini
new file mode 100644
index 0000000000..ca6892b765
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/frame-ancestors-url-block.html.ini
@@ -0,0 +1,8 @@
+[frame-ancestors-url-block.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not debug: [OK, TIMEOUT]
+  [A 'frame-ancestors' CSP directive with a URL which doesn't match this origin should be blocked.]
+    expected:
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+      if (os == "android") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
new file mode 100644
index 0000000000..8fe571e996
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/report-blocked-frame.sub.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-frame.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
new file mode 100644
index 0000000000..34fb1f91f2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-ancestors/report-only-frame.sub.html.ini
@@ -0,0 +1,3 @@
+[report-only-frame.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..0d7e215312
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-blocked.sub.html.ini
@@ -0,0 +1,4 @@
+[frame-src-blocked.sub.html]
+  [Expecting logs: ["PASS IFrame #1 generated a load event.","violated-directive=frame-src"\]]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html.ini
new file mode 100644
index 0000000000..2c6633ab03
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-load.sub.html.ini
@@ -0,0 +1,3 @@
+[frame-src-cross-origin-load.sub.html]
+  [frame-src-cross-origin-load 2]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
new file mode 100644
index 0000000000..d7aa5a1299
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-cross-origin-same-document-navigation.window.js.ini
@@ -0,0 +1,3 @@
+[frame-src-cross-origin-same-document-navigation.window.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-redirect.html.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
new file mode 100644
index 0000000000..afc5b552aa
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-redirect.html.ini
@@ -0,0 +1,5 @@
+[frame-src-redirect.html]
+  expected: TIMEOUT
+  [Redirected iframe src should evaluate both enforced and report-only policies on both original request and when following redirect]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
new file mode 100644
index 0000000000..a290a87fc7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-same-document.sub.html.ini
@@ -0,0 +1,3 @@
+[frame-src-same-document.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
new file mode 100644
index 0000000000..cea7af731a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/frame-src/frame-src-self-unique-origin.html.ini
@@ -0,0 +1,3 @@
+[frame-src-self-unique-origin.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..9523c43ab8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..33d5c36e4a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini
new file mode 100644
index 0000000000..ffb862a26c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.http.html.ini
@@ -0,0 +1,26 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini
new file mode 100644
index 0000000000..e6e6e97222
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-import.https.html.ini
@@ -0,0 +1,26 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..d7c9a34ca1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..53eb874479
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..434d379f91
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..6c864861a7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..d79d620f44
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-paint-import-data.https.html]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..35a73a49e3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..8b3ce6b1f8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..d7c9a34ca1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..434d379f91
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..002596bbda
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/script-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..caafc67d74
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..f9123aa5b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,19 @@
+[worklet-layout-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-none/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..9523c43ab8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..33d5c36e4a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini
new file mode 100644
index 0000000000..ffb862a26c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.http.html.ini
@@ -0,0 +1,26 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini
new file mode 100644
index 0000000000..e6e6e97222
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-import.https.html.ini
@@ -0,0 +1,26 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..caafc67d74
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..9d425c9fd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..abfd5ffc84
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,19 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.https.html.ini
new file mode 100644
index 0000000000..c8a8e2252a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..d07fb3b5f3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-animation-import-data.https.html]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..9d425c9fd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..1faa14a592
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,18 @@
+[worklet-layout.https.html]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.http-rp/worker-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..9523c43ab8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..33d5c36e4a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini
new file mode 100644
index 0000000000..ffb862a26c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.http.html.ini
@@ -0,0 +1,26 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini
new file mode 100644
index 0000000000..e6e6e97222
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-import.https.html.ini
@@ -0,0 +1,26 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..d7c9a34ca1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..53eb874479
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..434d379f91
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..6c864861a7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..002596bbda
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..35a73a49e3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..d7c9a34ca1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..434d379f91
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..002596bbda
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/script-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..caafc67d74
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..9d425c9fd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-none/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..9523c43ab8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.http.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..33d5c36e4a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-import.https.html.ini
@@ -0,0 +1,26 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for sharedworker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini
new file mode 100644
index 0000000000..ffb862a26c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.http.html.ini
@@ -0,0 +1,26 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and keep-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and no-redirect redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-http origin and swap-origin redirection from http context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-http origin and swap-origin redirection from http context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini
new file mode 100644
index 0000000000..e6e6e97222
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-import.https.html.ini
@@ -0,0 +1,26 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.: securitypolicyviolation]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects blocked for worker-import to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..caafc67d74
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..9d425c9fd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-self/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.http.html.ini
new file mode 100644
index 0000000000..f7ef892bd1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.http.html.ini
@@ -0,0 +1,3 @@
+[script-tag.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.https.html.ini
new file mode 100644
index 0000000000..fb8d9dd0e1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/script-tag.https.html.ini
@@ -0,0 +1,3 @@
+[script-tag.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini
new file mode 100644
index 0000000000..7544c2b5eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini
new file mode 100644
index 0000000000..042f715b98
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini
new file mode 100644
index 0000000000..8bb45cc9ef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini
new file mode 100644
index 0000000000..e03d6788e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini
new file mode 100644
index 0000000000..3fcdfed02a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini
new file mode 100644
index 0000000000..d237a8a97f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-import.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini
new file mode 100644
index 0000000000..957fcb2ed8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.http.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini
new file mode 100644
index 0000000000..b0a64ca84f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/sharedworker-module.https.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.http.html.ini
new file mode 100644
index 0000000000..8c32533525
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.http.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.https.html.ini
new file mode 100644
index 0000000000..b671c1a911
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-classic.https.html.ini
@@ -0,0 +1,3 @@
+[worker-classic.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini
new file mode 100644
index 0000000000..2f289c0e9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini
new file mode 100644
index 0000000000..0010e389b4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import-data.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini
new file mode 100644
index 0000000000..2e24fd4c16
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.http.html.ini
@@ -0,0 +1,3 @@
+[worker-import.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini
new file mode 100644
index 0000000000..d3ebd9af27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-import.https.html.ini
@@ -0,0 +1,3 @@
+[worker-import.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.http.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.http.html.ini
new file mode 100644
index 0000000000..0082540cbc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.http.html.ini
@@ -0,0 +1,3 @@
+[worker-module.http.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.https.html.ini
new file mode 100644
index 0000000000..ab06e1721a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worker-module.https.html.ini
@@ -0,0 +1,3 @@
+[worker-module.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini
new file mode 100644
index 0000000000..caafc67d74
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini
new file mode 100644
index 0000000000..cf5a59e372
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-animation.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-animation.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-animation to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini
new file mode 100644
index 0000000000..be8ef13407
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-audio.https.html.ini
@@ -0,0 +1,3 @@
+[worklet-audio.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini
new file mode 100644
index 0000000000..9d425c9fd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini
new file mode 100644
index 0000000000..bf0a01565b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-layout.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-layout.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-layout to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini
new file mode 100644
index 0000000000..66b22a10d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint-import-data.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint-import-data.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint-import-data to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini
new file mode 100644
index 0000000000..9e4aafce7b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/gen/top.meta/worker-src-wildcard/worklet-paint.https.html.ini
@@ -0,0 +1,20 @@
+[worklet-paint.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to cross-https origin and swap-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and keep-origin redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and no-redirect redirection from https context.]
+    expected: FAIL
+
+  [Content Security Policy: Expects allowed for worklet-paint to same-https origin and swap-origin redirection from https context.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini
new file mode 100644
index 0000000000..3770453d06
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/304-response-should-update-csp.sub.html.ini
@@ -0,0 +1,7 @@
+[304-response-should-update-csp.sub.html]
+  [Test that the first frame does not use nonce def]
+    expected: FAIL
+
+  [Test that the second frame does not use nonce abc]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/generic/eval-typecheck-callout-order.tentative.html.ini b/testing/web-platform/meta/content-security-policy/generic/eval-typecheck-callout-order.tentative.html.ini
new file mode 100644
index 0000000000..4dd707f03c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/eval-typecheck-callout-order.tentative.html.ini
@@ -0,0 +1,3 @@
+[eval-typecheck-callout-order.tentative.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini
new file mode 100644
index 0000000000..af67eca9f9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-do-not-match-self.sub.html.ini
@@ -0,0 +1,8 @@
+[filesystem-urls-do-not-match-self.sub.html]
+  expected: TIMEOUT
+  [filesystem-urls-do-not-match-self]
+    expected: NOTRUN
+
+  [Expecting logs: ["violated-directive=script-src-elem"\]]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini
new file mode 100644
index 0000000000..8046609a6f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/filesystem-urls-match-filesystem.sub.html.ini
@@ -0,0 +1,4 @@
+[filesystem-urls-match-filesystem.sub.html]
+  [Expecting logs: ["PASS (1/1)"\]]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_1-script-src.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_1-script-src.html.ini
new file mode 100644
index 0000000000..82aac26be6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_1-script-src.html.ini
@@ -0,0 +1,3 @@
+[generic-0_1-script-src.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini
new file mode 100644
index 0000000000..262edeee8d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_10_1.sub.html.ini
@@ -0,0 +1,3 @@
+[generic-0_10_1.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_2.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_2.html.ini
new file mode 100644
index 0000000000..f734af0392
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_2.html.ini
@@ -0,0 +1,3 @@
+[generic-0_2.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini
new file mode 100644
index 0000000000..6bcf1075f2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_2_2.sub.html.ini
@@ -0,0 +1,3 @@
+[generic-0_2_2.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_2_3.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_2_3.html.ini
new file mode 100644
index 0000000000..2fabdba4aa
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_2_3.html.ini
@@ -0,0 +1,3 @@
+[generic-0_2_3.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_8.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_8.sub.html.ini
new file mode 100644
index 0000000000..eddb62178d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_8.sub.html.ini
@@ -0,0 +1,3 @@
+[generic-0_8.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_8_1.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_8_1.sub.html.ini
new file mode 100644
index 0000000000..147f39dabe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_8_1.sub.html.ini
@@ -0,0 +1,3 @@
+[generic-0_8_1.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/generic-0_9.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/generic-0_9.sub.html.ini
new file mode 100644
index 0000000000..6a0441ec24
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/generic-0_9.sub.html.ini
@@ -0,0 +1,3 @@
+[generic-0_9.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini b/testing/web-platform/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini
new file mode 100644
index 0000000000..ec61b8a39f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/invalid-characters-in-policy.html.ini
@@ -0,0 +1,3 @@
+[invalid-characters-in-policy.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/no-default-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/no-default-src.sub.html.ini
new file mode 100644
index 0000000000..a964f16583
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/no-default-src.sub.html.ini
@@ -0,0 +1,7 @@
+[no-default-src.sub.html]
+  expected:
+    if (os == "android") and not swgl and not fission: [OK, TIMEOUT]
+    if (os == "android") and not swgl and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if (os == "android") and not swgl: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/policy-does-not-affect-child.sub.html.ini b/testing/web-platform/meta/content-security-policy/generic/policy-does-not-affect-child.sub.html.ini
new file mode 100644
index 0000000000..8c888e4058
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/policy-does-not-affect-child.sub.html.ini
@@ -0,0 +1,3 @@
+[policy-does-not-affect-child.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini b/testing/web-platform/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini
new file mode 100644
index 0000000000..8d5765c174
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/policy-inherited-correctly-by-plznavigate.html.ini
@@ -0,0 +1,3 @@
+[policy-inherited-correctly-by-plznavigate.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini b/testing/web-platform/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini
new file mode 100644
index 0000000000..d08e00f81f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/generic/src-trailing-dot.sub.any.js.ini
@@ -0,0 +1,18 @@
+[src-trailing-dot.sub.any.sharedworker.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
+
+
+[src-trailing-dot.sub.any.worker.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
+
+
+[src-trailing-dot.sub.any.serviceworker.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
+
+
+[src-trailing-dot.sub.any.html]
+  [Fetch from host with trailing dot should be allowed by CSP.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/img-src/icon-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/img-src/icon-blocked.sub.html.ini
new file mode 100644
index 0000000000..9b85cb8a7e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/icon-blocked.sub.html.ini
@@ -0,0 +1,7 @@
+[icon-blocked.sub.html]
+  expected:
+    if (os == "android"): TIMEOUT
+  [Test that spv event is fired]
+    expected:
+      if (os == "android"): NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/img-src/img-src-4_1.sub.html.ini b/testing/web-platform/meta/content-security-policy/img-src/img-src-4_1.sub.html.ini
new file mode 100644
index 0000000000..87a04f1fd8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/img-src-4_1.sub.html.ini
@@ -0,0 +1,3 @@
+[img-src-4_1.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/img-src/img-src-host-partial-wildcard-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/img-src/img-src-host-partial-wildcard-allowed.sub.html.ini
new file mode 100644
index 0000000000..bcc22fcfef
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/img-src-host-partial-wildcard-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[img-src-host-partial-wildcard-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/img-src/img-src-port-wildcard-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/img-src/img-src-port-wildcard-allowed.sub.html.ini
new file mode 100644
index 0000000000..71d547c491
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/img-src-port-wildcard-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[img-src-port-wildcard-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini b/testing/web-platform/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini
new file mode 100644
index 0000000000..f0c7605176
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/img-src-self-unique-origin.html.ini
@@ -0,0 +1,3 @@
+[img-src-self-unique-origin.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/img-src/img-src-wildcard-allowed.html.ini b/testing/web-platform/meta/content-security-policy/img-src/img-src-wildcard-allowed.html.ini
new file mode 100644
index 0000000000..0bbc6d5e12
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/img-src-wildcard-allowed.html.ini
@@ -0,0 +1,3 @@
+[img-src-wildcard-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini b/testing/web-platform/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini
new file mode 100644
index 0000000000..0cf3612ee0
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/img-src/report-blocked-data-uri.sub.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-data-uri.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/blob-inherits-from-meta-http-equiv-with-invalid-characters.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/blob-inherits-from-meta-http-equiv-with-invalid-characters.html.ini
new file mode 100644
index 0000000000..8e7cf127b7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/blob-inherits-from-meta-http-equiv-with-invalid-characters.html.ini
@@ -0,0 +1,4 @@
+[blob-inherits-from-meta-http-equiv-with-invalid-characters.html]
+  expected:
+    if (os == "mac") and not debug: [ERROR, OK]
+    ERROR
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini
new file mode 100644
index 0000000000..396fde0bdf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/blob-url-in-main-window-self-navigate-inherits.sub.html.ini
@@ -0,0 +1,5 @@
+[blob-url-in-main-window-self-navigate-inherits.sub.html]
+  [Violation report status OK.]
+    expected:
+      if (os == "linux") and debug and not fission: ["PASS", "FAIL"]
+
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/document-write-iframe.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/document-write-iframe.html.ini
new file mode 100644
index 0000000000..6dc3fa7d5f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/document-write-iframe.html.ini
@@ -0,0 +1,8 @@
+[document-write-iframe.html]
+  expected: TIMEOUT
+  [document.open() keeps inherited CSPs on empty iframe.]
+    expected: TIMEOUT
+
+  [document.open() does not change delivered CSPs.]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini
new file mode 100644
index 0000000000..04d6287085
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/frame-src-javascript-url.html.ini
@@ -0,0 +1,5 @@
+[frame-src-javascript-url.html]
+  expected: TIMEOUT
+  [<iframe src='javascript:...'>'s inherits policy (dynamically inserted <iframe> is blocked)]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/history-iframe.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/history-iframe.sub.html.ini
new file mode 100644
index 0000000000..deafa1ca19
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/history-iframe.sub.html.ini
@@ -0,0 +1,54 @@
+[history-iframe.sub.html]
+  expected:
+    if os == "android": OK
+    if os == "win": OK
+    [OK, TIMEOUT]
+  [History navigation in iframe: "about:blank" document is navigated back from history same-origin.]
+    expected:
+      if (os == "win") and (processor == "x86"): [PASS, FAIL]
+      if (os == "win") and (processor == "x86_64"): PASS
+      if os == "mac": [PASS, TIMEOUT]
+      if os == "android": PASS
+      [PASS, FAIL, TIMEOUT]
+
+  [History navigation in iframe: "about:blank" document is navigated back from history cross-origin.]
+    expected:
+      if (os == "linux") and fission: [PASS, FAIL, TIMEOUT, NOTRUN]
+      if (os == "linux") and not fission: [PASS, TIMEOUT, NOTRUN]
+      if os == "mac": [PASS, TIMEOUT, NOTRUN]
+
+  [History navigation in iframe: blob URL document is navigated back from history same-origin.]
+    expected:
+      if os == "android": PASS
+      if os == "win": PASS
+      [PASS, NOTRUN]
+
+  [History navigation in iframe: blob URL document is navigated back from history cross-origin.]
+    expected:
+      if os == "win": PASS
+      if os == "android": PASS
+      [PASS, NOTRUN]
+
+  [History navigation in iframe: data URL document is navigated back from history same-origin.]
+    expected:
+      if os == "android": PASS
+      if os == "win": PASS
+      [PASS, NOTRUN]
+
+  [History navigation in iframe: data URL document is navigated back from history cross-origin.]
+    expected:
+      if os == "win": PASS
+      if os == "android": PASS
+      [PASS, NOTRUN]
+
+  [History navigation in iframe: srcdoc iframe is navigated back from history same-origin.]
+    expected:
+      if os == "android": PASS
+      if os == "win": PASS
+      [PASS, NOTRUN]
+
+  [History navigation in iframe: srcdoc iframe is navigated back from history cross-origin.]
+    expected:
+      if os == "win": PASS
+      if os == "android": PASS
+      [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/history.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/history.sub.html.ini
new file mode 100644
index 0000000000..2c2c3e8028
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/history.sub.html.ini
@@ -0,0 +1,16 @@
+[history.sub.html]
+  expected:
+    if (os == "mac") and debug: [OK, TIMEOUT]
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+  [History navigation: "about:blank" document is navigated back from history same-origin.]
+    expected:
+      if (os == "android") and not debug: [FAIL, TIMEOUT]
+      if (os == "mac") and not debug: [FAIL, TIMEOUT]
+      if (os == "mac") and debug: [FAIL, TIMEOUT]
+      FAIL
+
+  [History navigation: "about:blank" document is navigated back from history cross-origin.]
+    expected:
+      if (os == "mac") and not debug: [FAIL, TIMEOUT]
+      if (os == "mac") and debug: [FAIL, TIMEOUT]
+      FAIL
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html.ini
new file mode 100644
index 0000000000..407414902b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub.html.ini
@@ -0,0 +1,12 @@
+[iframe-all-local-schemes-inherit-self.sub.html]
+  expected:
+    if (os == "win") and not debug and (processor == "x86_64"): [TIMEOUT, OK]
+    if (os == "win") and not debug and (processor == "x86"): [TIMEOUT, OK]
+    if os == "android": [TIMEOUT, OK]
+    [OK, TIMEOUT]
+  [<iframe>'s about:blank inherits policy.]
+    expected:
+      if (os == "win") and not debug and (processor == "x86"): [TIMEOUT, PASS]
+      if (os == "win") and not debug and (processor == "x86_64"): [TIMEOUT, PASS]
+      if os == "android": [TIMEOUT, PASS]
+      [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
new file mode 100644
index 0000000000..59cd453268
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/iframe-all-local-schemes.sub.html.ini
@@ -0,0 +1,3 @@
+[iframe-all-local-schemes.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini
new file mode 100644
index 0000000000..6d3afa1017
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-history-inheritance.html.ini
@@ -0,0 +1,3 @@
+[iframe-srcdoc-history-inheritance.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini
new file mode 100644
index 0000000000..85ba262dfb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/iframe-srcdoc-inheritance.html.ini
@@ -0,0 +1,3 @@
+[iframe-srcdoc-inheritance.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini
new file mode 100644
index 0000000000..8539210cae
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/inheritance-from-initiator.sub.html.ini
@@ -0,0 +1,3 @@
+[inheritance-from-initiator.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini
new file mode 100644
index 0000000000..7a2d2f5f79
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/inherited-csp-list-modifications-are-local.html.ini
@@ -0,0 +1,3 @@
+[inherited-csp-list-modifications-are-local.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini
new file mode 100644
index 0000000000..7706d419c2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-open-in-main-window.html.ini
@@ -0,0 +1,5 @@
+[javascript-url-open-in-main-window.html]
+  expected: TIMEOUT
+  [Executing Javascript URL keeps enforcing previous CSPs of the document.]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini
new file mode 100644
index 0000000000..ec54ef6abb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/javascript-url-srcdoc-cross-origin-iframe-inheritance.html.ini
@@ -0,0 +1,3 @@
+[javascript-url-srcdoc-cross-origin-iframe-inheritance.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/location-reload.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/location-reload.html.ini
new file mode 100644
index 0000000000..6ab124bed1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/location-reload.html.ini
@@ -0,0 +1,3 @@
+[location-reload.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini
new file mode 100644
index 0000000000..514f15d364
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/sandboxed-data-scheme.html.ini
@@ -0,0 +1,3 @@
+[sandboxed-data-scheme.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini
new file mode 100644
index 0000000000..bb8a4353b6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-blob-scheme.html.ini
@@ -0,0 +1,6 @@
+[unsandboxed-blob-scheme.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if (processor == "x86") and debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini
new file mode 100644
index 0000000000..3981a2e150
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/unsandboxed-data-scheme.html.ini
@@ -0,0 +1,6 @@
+[unsandboxed-data-scheme.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if (os == "linux") and debug and fission and not swgl: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini
new file mode 100644
index 0000000000..35b71e3bae
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/window-open-local-after-network-scheme.sub.html.ini
@@ -0,0 +1,3 @@
+[window-open-local-after-network-scheme.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inheritance/window.html.ini b/testing/web-platform/meta/content-security-policy/inheritance/window.html.ini
new file mode 100644
index 0000000000..a51d787ed9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inheritance/window.html.ini
@@ -0,0 +1,3 @@
+[window.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/__dir__.ini b/testing/web-platform/meta/content-security-policy/inside-worker/__dir__.ini
new file mode 100644
index 0000000000..4652b4d3fe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/__dir__.ini
@@ -0,0 +1 @@
+lsan-allowed: [NS_NewRunnableFunction, detail::ProxyRelease, mozilla::SupportsThreadSafeWeakPtr, mozilla::ipc::BackgroundChildImpl::AllocPRemoteWorkerChild]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini
new file mode 100644
index 0000000000..02ff2b150e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/dedicatedworker-script-src.html.ini
@@ -0,0 +1,17 @@
+[dedicatedworker-script-src.html]
+  expected: TIMEOUT
+  [dedicatedworker-script-src]
+    expected: TIMEOUT
+
+  [Cross-origin `importScripts()` blocked in blob: with script-src 'self']
+    expected: TIMEOUT
+
+  [`eval()` blocked in blob: with script-src 'self']
+    expected: NOTRUN
+
+  [`setTimeout([string\])` blocked in blob: with script-src 'self']
+    expected: NOTRUN
+
+  [Reports are sent for blob: with script-src 'self']
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini
new file mode 100644
index 0000000000..40ee62166b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-connect-src.https.sub.html.ini
@@ -0,0 +1,18 @@
+[serviceworker-connect-src.https.sub.html]
+  expected:
+    if (processor == "x86") and (os == "win") and not debug: [OK, TIMEOUT]
+  [Reports match in https: with connect-src 'self']
+    expected:
+      if swgl and (os == "linux") and fission: [PASS, FAIL]
+
+  [serviceworker-connect-src 2]
+    expected:
+      if (processor == "x86") and (os == "win") and not debug: [PASS, NOTRUN]
+
+  [serviceworker-connect-src 1]
+    expected:
+      if (processor == "x86") and (os == "win") and not debug: [PASS, NOTRUN]
+
+  [serviceworker-connect-src]
+    expected:
+      if (processor == "x86") and (os == "win") and not debug: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini
new file mode 100644
index 0000000000..00eea6e476
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/serviceworker-report-only.https.sub.html.ini
@@ -0,0 +1,3 @@
+[serviceworker-report-only.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini
new file mode 100644
index 0000000000..03d4fdfc90
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-connect-src.sub.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-connect-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini
new file mode 100644
index 0000000000..99d889fc17
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-report-only.sub.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-report-only.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini
new file mode 100644
index 0000000000..0ad2e3eba5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/inside-worker/sharedworker-script-src.sub.html.ini
@@ -0,0 +1,3 @@
+[sharedworker-script-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-7_1.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_1.html.ini
new file mode 100644
index 0000000000..14084aadeb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_1.html.ini
@@ -0,0 +1,2 @@
+[media-src-7_1.html]
+  disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1124091
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-7_2.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_2.html.ini
new file mode 100644
index 0000000000..cd144a3baf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_2.html.ini
@@ -0,0 +1,14 @@
+[media-src-7_2.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+  [In-policy audio src]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+
+  [In-policy audio source element]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
+
+  [Should not fire policy violation events]
+    expected:
+      if (os == "mac") and not debug: [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3.sub.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3.sub.html.ini
new file mode 100644
index 0000000000..224ffd5420
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3.sub.html.ini
@@ -0,0 +1,3 @@
+[media-src-7_3.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini
new file mode 100644
index 0000000000..f89615ab50
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-7_3_2.sub.html.ini
@@ -0,0 +1,3 @@
+[media-src-7_3_2.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini
new file mode 100644
index 0000000000..1294746caf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[media-src-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/media-src/media-src-redir-bug.sub.html.ini b/testing/web-platform/meta/content-security-policy/media-src/media-src-redir-bug.sub.html.ini
new file mode 100644
index 0000000000..b0f310359b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/media-src/media-src-redir-bug.sub.html.ini
@@ -0,0 +1,3 @@
+[media-src-redir-bug.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/meta/sandbox-iframe.html.ini b/testing/web-platform/meta/content-security-policy/meta/sandbox-iframe.html.ini
new file mode 100644
index 0000000000..edc336e61b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/meta/sandbox-iframe.html.ini
@@ -0,0 +1,5 @@
+[sandbox-iframe.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [img-src 'self' works when specified in a meta tag.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/navigate-to/__dir__.ini b/testing/web-platform/meta/content-security-policy/navigate-to/__dir__.ini
new file mode 100644
index 0000000000..fd2a12ad38
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigate-to/__dir__.ini
@@ -0,0 +1 @@
+disabled: true
diff --git a/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini
new file mode 100644
index 0000000000..285e3b0426
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-child-csp.html.ini
@@ -0,0 +1,3 @@
+[to-javascript-parent-initiated-child-csp.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp-disallow.html.ini b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp-disallow.html.ini
new file mode 100644
index 0000000000..d0d8d37a73
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp-disallow.html.ini
@@ -0,0 +1,3 @@
+[to-javascript-parent-initiated-parent-csp-disallow.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini
new file mode 100644
index 0000000000..d2e55d364f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp.html.ini
@@ -0,0 +1,6 @@
+implementation-status: backlog
+[to-javascript-parent-initiated-parent-csp.html]
+  expected: TIMEOUT
+  [Should not have executed the javascript url]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-frame-src.html.ini b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-frame-src.html.ini
new file mode 100644
index 0000000000..954366431b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-frame-src.html.ini
@@ -0,0 +1,3 @@
+[to-javascript-url-frame-src.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini
new file mode 100644
index 0000000000..64cb52918b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/navigation/to-javascript-url-script-src.html.ini
@@ -0,0 +1,15 @@
+implementation-status: backlog
+[to-javascript-url-script-src.html]
+  expected: TIMEOUT
+  [<iframe src='javascript:'> blocked without 'unsafe-inline'.]
+    expected: TIMEOUT
+
+  [<iframe> navigated to 'javascript:' blocked without 'unsafe-inline'.]
+    expected: TIMEOUT
+
+  [<iframe src='...'> with 'unsafe-inline' navigated to 'javascript:' blocked in this document]
+    expected: TIMEOUT
+
+  [<iframe src='...'> without 'unsafe-inline' navigated to 'javascript:' blocked in this document.]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini b/testing/web-platform/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini
new file mode 100644
index 0000000000..3507381619
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/nonce-hiding/svgscript-nonces-hidden.html.ini
@@ -0,0 +1,3 @@
+[svgscript-nonces-hidden.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini
new file mode 100644
index 0000000000..240833d6a3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-no-url-blocked.html.ini
@@ -0,0 +1,5 @@
+[object-src-no-url-blocked.html]
+  expected: TIMEOUT
+  [Should block the object and fire a spv]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-allowed.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-allowed.html.ini
new file mode 100644
index 0000000000..8a5a255794
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-allowed.html.ini
@@ -0,0 +1,3 @@
+[object-src-url-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-blocked.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-blocked.html.ini
new file mode 100644
index 0000000000..78fc5d5747
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-blocked.html.ini
@@ -0,0 +1,3 @@
+[object-src-url-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-allowed.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-allowed.html.ini
new file mode 100644
index 0000000000..4227296cea
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-allowed.html.ini
@@ -0,0 +1,3 @@
+[object-src-url-embed-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini
new file mode 100644
index 0000000000..aab46e8c26
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-embed-blocked.html.ini
@@ -0,0 +1,3 @@
+[object-src-url-embed-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-allowed.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-allowed.html.ini
new file mode 100644
index 0000000000..5bd2d5e09d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-allowed.html.ini
@@ -0,0 +1,3 @@
+[object-src-url-redirect-allowed.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini
new file mode 100644
index 0000000000..35c3ed2f88
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/object-src/object-src-url-redirect-blocked.sub.html.ini
@@ -0,0 +1,9 @@
+[object-src-url-redirect-blocked.sub.html]
+  disabled:
+    if (os == "android"): bug 1553440
+  expected:
+    if (os == "android"): TIMEOUT
+  [Should block the object and fire a spv]
+    expected:
+      if (os == "android"): NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/plugin-types/__dir__.ini b/testing/web-platform/meta/content-security-policy/plugin-types/__dir__.ini
new file mode 100644
index 0000000000..79ef6f271a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/plugin-types/__dir__.ini
@@ -0,0 +1 @@
+implementation-status: not-implementing
\ No newline at end of file
diff --git a/testing/web-platform/meta/content-security-policy/prefetch-src/__dir__.ini b/testing/web-platform/meta/content-security-policy/prefetch-src/__dir__.ini
new file mode 100644
index 0000000000..2ef043b928
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/prefetch-src/__dir__.ini
@@ -0,0 +1 @@
+implementation-status: backlog
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/__dir__.ini b/testing/web-platform/meta/content-security-policy/reporting-api/__dir__.ini
new file mode 100644
index 0000000000..b67beb8e51
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/__dir__.ini
@@ -0,0 +1 @@
+prefs: [dom.reporting.enabled:true, dom.reporting.featurePolicy.enabled:true]
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini
new file mode 100644
index 0000000000..e2e45b48cf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/report-to-directive-allowed-in-meta.https.sub.html.ini
@@ -0,0 +1,9 @@
+[report-to-directive-allowed-in-meta.https.sub.html]
+  disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1845961
+  expected: TIMEOUT
+  [Report is observable to ReportingObserver]
+    expected: TIMEOUT
+
+  [Violation report status OK.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini
new file mode 100644
index 0000000000..be6fd18762
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-only-sends-reports-on-violation.https.sub.html.ini
@@ -0,0 +1,5 @@
+[reporting-api-report-only-sends-reports-on-violation.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini
new file mode 100644
index 0000000000..39bc351b02
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html.ini
@@ -0,0 +1,3 @@
+[reporting-api-report-to-only-sends-reports-to-first-endpoint.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini
new file mode 100644
index 0000000000..eab757aac0
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-1.https.sub.html.ini
@@ -0,0 +1,3 @@
+[reporting-api-report-to-overrides-report-uri-1.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini
new file mode 100644
index 0000000000..93f3f7db25
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-report-to-overrides-report-uri-2.https.sub.html.ini
@@ -0,0 +1,3 @@
+[reporting-api-report-to-overrides-report-uri-2.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini
new file mode 100644
index 0000000000..7da058a08b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-sends-reports-on-violation.https.sub.html.ini
@@ -0,0 +1,9 @@
+implementation-status: backlog
+[reporting-api-sends-reports-on-violation.https.sub.html]
+  expected: TIMEOUT
+  [Violation report status OK.]
+    expected: [TIMEOUT, FAIL]
+
+  [Report is observable to ReportingObserver]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini
new file mode 100644
index 0000000000..f64578e746
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-ancestors.https.sub.html.ini
@@ -0,0 +1,5 @@
+[reporting-api-works-on-frame-ancestors.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini
new file mode 100644
index 0000000000..104a72cb89
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting-api/reporting-api-works-on-frame-src.https.sub.html.ini
@@ -0,0 +1,5 @@
+[reporting-api-works-on-frame-src.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting/multiple-report-policies.html.ini b/testing/web-platform/meta/content-security-policy/reporting/multiple-report-policies.html.ini
new file mode 100644
index 0000000000..e3aec0df93
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/multiple-report-policies.html.ini
@@ -0,0 +1,4 @@
+[multiple-report-policies.html]
+  disabled:
+    if os == "linux": https://bugzilla.mozilla.org/show_bug.cgi?id=1435526
+    if debug and (os == "win"): https://bugzilla.mozilla.org/show_bug.cgi?id=1435526
diff --git a/testing/web-platform/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini b/testing/web-platform/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini
new file mode 100644
index 0000000000..4cf257d5d7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/post-redirect-stacktrace.https.html.ini
@@ -0,0 +1,7 @@
+[post-redirect-stacktrace.https.html]
+  expected: TIMEOUT
+  [CSP report do not leak cross-site post-redirect URL]
+    expected: NOTRUN
+
+  [CSP report do not leak cross-origin post-redirect URL]
+    expected: NOTRUN
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini
new file mode 100644
index 0000000000..07e551dba9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-blocked-data-uri.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-data-uri.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-blocked-uri.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-blocked-uri.html.ini
new file mode 100644
index 0000000000..5a59acf267
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-blocked-uri.html.ini
@@ -0,0 +1,3 @@
+[report-blocked-uri.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-clips-sample.https.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-clips-sample.https.html.ini
new file mode 100644
index 0000000000..264a407a3a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-clips-sample.https.html.ini
@@ -0,0 +1,10 @@
+[report-clips-sample.https.html]
+  [Unsafe eval violation sample is clipped to 40 characters.]
+    expected: FAIL
+
+  [Trusted Types violation sample is clipped to 40 characters excluded the sink name.]
+    expected: FAIL
+
+  [Function constructor - the other kind of eval - is clipped.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini
new file mode 100644
index 0000000000..5019539641
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-cross-origin-no-cookies.sub.html.ini
@@ -0,0 +1,13 @@
+[report-cross-origin-no-cookies.sub.html]
+  expected:
+    if (os == "mac") and not debug: [OK, TIMEOUT]
+    if (os == "android") and not fission: [OK, TIMEOUT]
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if (os == "win") and not debug and (processor == "x86"): [PASS, FAIL]
+      if (os == "mac") and not debug: [PASS, TIMEOUT]
+
+  [Test report cookies.]
+    expected:
+      if os == "android": [PASS, NOTRUN]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini
new file mode 100644
index 0000000000..b8409a65c2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors-with-x-frame-options.sub.html.ini
@@ -0,0 +1,5 @@
+[report-frame-ancestors-with-x-frame-options.sub.html]
+  [Violation report status OK.]
+    expected:
+      if os == "mac": FAIL
+      if os == "linux": FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini
new file mode 100644
index 0000000000..0115571816
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-frame-ancestors.sub.html.ini
@@ -0,0 +1,9 @@
+[report-frame-ancestors.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if win11_2009: PASS
+      if (os == "android") and not debug: [PASS, FAIL]
+      if (os == "android") and debug: PASS
+      FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini
new file mode 100644
index 0000000000..34b32e593a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-multiple-violations-02.html.ini
@@ -0,0 +1,9 @@
+[report-multiple-violations-02.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Test number of sent reports.]
+    expected: FAIL
+
+  [Violation report status OK.]
+    expected:
+      if (os == "android") and not debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-only-in-meta.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-only-in-meta.sub.html.ini
new file mode 100644
index 0000000000..75a342ce5d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-only-in-meta.sub.html.ini
@@ -0,0 +1,3 @@
+[report-only-in-meta.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini
new file mode 100644
index 0000000000..5ac01f4413
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-only-unsafe-eval.html.ini
@@ -0,0 +1,3 @@
+[report-only-unsafe-eval.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini
new file mode 100644
index 0000000000..f49b518e32
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-original-url-on-mixed-content-frame.https.sub.html.ini
@@ -0,0 +1,5 @@
+[report-original-url-on-mixed-content-frame.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-original-url.sub.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-original-url.sub.html.ini
new file mode 100644
index 0000000000..f63f7b63d1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-original-url.sub.html.ini
@@ -0,0 +1,3 @@
+[report-original-url.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini
new file mode 100644
index 0000000000..53672dff76
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-preload-and-consume.https.html.ini
@@ -0,0 +1,6 @@
+[report-preload-and-consume.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+    TIMEOUT
+  [Reporting endpoints received credentials.]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini
new file mode 100644
index 0000000000..680f06e5b3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-same-origin-with-cookies.html.ini
@@ -0,0 +1,5 @@
+[report-same-origin-with-cookies.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Test report cookies.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-strips-fragment.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-strips-fragment.html.ini
new file mode 100644
index 0000000000..18c1308254
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-strips-fragment.html.ini
@@ -0,0 +1,3 @@
+[report-strips-fragment.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini
new file mode 100644
index 0000000000..bbe20fc013
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-effective-directive.html.ini
@@ -0,0 +1,3 @@
+[report-uri-effective-directive.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini
new file mode 100644
index 0000000000..82baf62d91
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-child-frame.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-child-frame.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini
new file mode 100644
index 0000000000..2226ba9fa9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-inline-javascript.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-inline-javascript.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini
new file mode 100644
index 0000000000..78d5a2c22c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-from-javascript.html.ini
@@ -0,0 +1,3 @@
+[report-uri-from-javascript.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini
new file mode 100644
index 0000000000..9896aa2f0c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple-reversed.html.ini
@@ -0,0 +1,3 @@
+[report-uri-multiple-reversed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple.html.ini
new file mode 100644
index 0000000000..657031de50
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-multiple.html.ini
@@ -0,0 +1,3 @@
+[report-uri-multiple.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini b/testing/web-platform/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini
new file mode 100644
index 0000000000..4ccaa1aa92
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/reporting/report-uri-scheme-relative.html.ini
@@ -0,0 +1,4 @@
+[report-uri-scheme-relative.html]
+  [Violation report status OK.]
+    expected:
+      if (os == "android") and not debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini
new file mode 100644
index 0000000000..816cd785fe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-by-any-directive.sub.html.ini
@@ -0,0 +1,10 @@
+[prefetch-allowed-by-any-directive.sub.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when restricted by default-src but allowed by other directive]
+    expected: TIMEOUT
+
+  [Prefetch should fail when restricted by default-src and different origin allowed by other directive]
+    expected: NOTRUN
+
+  [Prefetch should succeed when restricted by default-src but origin allowed by other directive]
+    expected: NOTRUN
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini
new file mode 100644
index 0000000000..0919ef94aa
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-allowed-with-conflicting-permissive-policies.html.ini
@@ -0,0 +1,4 @@
+[prefetch-allowed-with-conflicting-permissive-policies.html]
+  expected: TIMEOUT
+  [Prefetch should succeed when a directive in a policy is permissive, even if a subsequent policy overrides that.]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini
new file mode 100644
index 0000000000..f795f8c5d4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default-multiple-policies.html.ini
@@ -0,0 +1,4 @@
+[prefetch-blocked-by-default-multiple-policies.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini
new file mode 100644
index 0000000000..3ee2b910a5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-blocked-by-default.html.ini
@@ -0,0 +1,4 @@
+[prefetch-blocked-by-default.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini
new file mode 100644
index 0000000000..38162f1d82
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-generate-directives.html.ini
@@ -0,0 +1,72 @@
+[prefetch-generate-directives.html]
+  [Test that script-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that script-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that img-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that img-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that connect-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that connect-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that object-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that object-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that font-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that font-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that manifest-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that manifest-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that media-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that media-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that style-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that style-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that child-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that child-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that frame-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that frame-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that worker-src enabled with everything else disabled allows prefetching]
+    expected: FAIL
+
+  [Test that worker-src enabled with default-src disabled allows prefetching]
+    expected: FAIL
+
+  [Test that permissive script-src-elem supersedes script-src]
+    expected: FAIL
+
+  [Test that permissive script-src supersedes script-src-elem]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini
new file mode 100644
index 0000000000..30e8ff98e7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/resource-hints/prefetch-ignores-prefetch-src.sub.html.ini
@@ -0,0 +1,4 @@
+[prefetch-ignores-prefetch-src.sub.html]
+  expected: TIMEOUT
+  [Prefetch should fail when restricted by default-src and allowed by unsupported prefetch-src directive (prefetch-src should be ignored)]
+    expected: TIMEOUT
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini
new file mode 100644
index 0000000000..f7b98c0dd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty-subframe.sub.html.ini
@@ -0,0 +1,3 @@
+[sandbox-empty-subframe.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty.sub.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty.sub.html.ini
new file mode 100644
index 0000000000..c6ef6e9be3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/sandbox-empty.sub.html.ini
@@ -0,0 +1,3 @@
+[sandbox-empty.sub.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini
new file mode 100644
index 0000000000..cfc750f262
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/service-worker-sandbox.https.html.ini
@@ -0,0 +1,3 @@
+[service-worker-sandbox.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini
new file mode 100644
index 0000000000..42c96bc8f2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/shared-worker-sandbox.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-sandbox.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-sandboxed.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-sandboxed.html.ini
new file mode 100644
index 0000000000..b74fc0b887
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-sandboxed.html.ini
@@ -0,0 +1,3 @@
+[window-reuse-sandboxed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini b/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini
new file mode 100644
index 0000000000..f4bbe0845d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/sandbox/window-reuse-unsandboxed.html.ini
@@ -0,0 +1,3 @@
+[window-reuse-unsandboxed.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
diff --git a/testing/web-platform/meta/content-security-policy/script-src-attr-elem/__dir__.ini b/testing/web-platform/meta/content-security-policy/script-src-attr-elem/__dir__.ini
new file mode 100644
index 0000000000..3bf8188c76
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src-attr-elem/__dir__.ini
@@ -0,0 +1 @@
+implementation-status: backlog
diff --git a/testing/web-platform/meta/content-security-policy/script-src/__dir__.ini b/testing/web-platform/meta/content-security-policy/script-src/__dir__.ini
new file mode 100644
index 0000000000..0229377837
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/__dir__.ini
@@ -0,0 +1 @@
+lsan-allowed: [already_AddRefed, detail::ProxyRelease, mozilla::SupportsThreadSafeWeakPtr, mozilla::ipc::BackgroundChildImpl::AllocPRemoteWorkerChild]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.ini b/testing/web-platform/meta/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.ini
new file mode 100644
index 0000000000..2133a6aad9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/hash-always-converted-to-utf-8/utf-8.html.ini
@@ -0,0 +1,3 @@
+[utf-8.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini b/testing/web-platform/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini
new file mode 100644
index 0000000000..482c520355
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/javascript-window-open-blocked.html.ini
@@ -0,0 +1,3 @@
+[javascript-window-open-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_1.html.ini
new file mode 100644
index 0000000000..5b8cc4e727
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_1.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_1.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_10_1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_10_1.html.ini
new file mode 100644
index 0000000000..4daea0ea59
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_10_1.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_10_1.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2.html.ini
new file mode 100644
index 0000000000..8f763fe393
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_2.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2_1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2_1.html.ini
new file mode 100644
index 0000000000..05feccd4cb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_2_1.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_2_1.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_3.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_3.html.ini
new file mode 100644
index 0000000000..ba7823939d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_3.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_3.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4.html.ini
new file mode 100644
index 0000000000..41378c133d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_4.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_1.html.ini
new file mode 100644
index 0000000000..ed5e9f73fc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_1.html.ini
@@ -0,0 +1,5 @@
+[script-src-1_4_1.html]
+  disabled:
+    if os == "win": bug 1094323
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_2.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_2.html.ini
new file mode 100644
index 0000000000..7f30f25258
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_4_2.html.ini
@@ -0,0 +1,3 @@
+[script-src-1_4_2.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-multiple-hashing-algorithms.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-multiple-hashing-algorithms.html.ini
new file mode 100644
index 0000000000..4168827bd0
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-multiple-hashing-algorithms.html.ini
@@ -0,0 +1,3 @@
+[script-src-multiple-policies-multiple-hashing-algorithms.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-one-using-hashing-algorithms.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-one-using-hashing-algorithms.html.ini
new file mode 100644
index 0000000000..54c8cd47d2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-multiple-policies-one-using-hashing-algorithms.html.ini
@@ -0,0 +1,3 @@
+[script-src-multiple-policies-one-using-hashing-algorithms.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-overrides-default-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-overrides-default-src.sub.html.ini
new file mode 100644
index 0000000000..62b545fa4f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-overrides-default-src.sub.html.ini
@@ -0,0 +1,3 @@
+[script-src-overrides-default-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini
new file mode 100644
index 0000000000..57dc32dbd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy.html.ini
@@ -0,0 +1,3 @@
+[script-src-report-only-policy-works-with-hash-policy.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_eval.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_eval.html.ini
new file mode 100644
index 0000000000..00d5f8380c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_eval.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_and_unsafe_eval_eval.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_new_function.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_new_function.html.ini
new file mode 100644
index 0000000000..44cfa087ed
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_and_unsafe_eval_new_function.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_and_unsafe_eval_new_function.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini
new file mode 100644
index 0000000000..44b238ebd8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_discard_source_expressions.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_discard_source_expressions.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini
new file mode 100644
index 0000000000..3fc83ed8f3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_different_nonce.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_double_policy_different_nonce.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini
new file mode 100644
index 0000000000..04be905d00
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_report_only.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_report_only.html.ini
new file mode 100644
index 0000000000..6c20025f61
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_double_policy_report_only.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_double_policy_report_only.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_eval.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_eval.html.ini
new file mode 100644
index 0000000000..dbda70d090
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_eval.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_eval.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_hashes.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_hashes.html.ini
new file mode 100644
index 0000000000..4aae75b70f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_hashes.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_hashes.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_in_img-src.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_in_img-src.html.ini
new file mode 100644
index 0000000000..bb81bcb0ce
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_in_img-src.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_in_img-src.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini
new file mode 100644
index 0000000000..7ac86a1d3b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_javascript_uri.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_javascript_uri.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini
new file mode 100644
index 0000000000..4c4cbfb285
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_meta_tag.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_meta_tag.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_new_function.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_new_function.html.ini
new file mode 100644
index 0000000000..2d78e15593
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_new_function.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_new_function.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini
new file mode 100644
index 0000000000..5661eae6fe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_non_parser_inserted.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini
new file mode 100644
index 0000000000..b616b72cc7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_non_parser_inserted_incorrect_nonce.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini
new file mode 100644
index 0000000000..51a88a5f85
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_parser_inserted.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted_correct_nonce.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted_correct_nonce.html.ini
new file mode 100644
index 0000000000..5141ac2679
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_parser_inserted_correct_nonce.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_parser_inserted_correct_nonce.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker-importScripts.https.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker-importScripts.https.html.ini
new file mode 100644
index 0000000000..a901cfbcaa
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker-importScripts.https.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_worker-importScripts.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini
new file mode 100644
index 0000000000..b984104f8e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-strict_dynamic_worker.https.html.ini
@@ -0,0 +1,3 @@
+[script-src-strict_dynamic_worker.https.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-wildcards-disallowed.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-wildcards-disallowed.html.ini
new file mode 100644
index 0000000000..84b9ab96b1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-wildcards-disallowed.html.ini
@@ -0,0 +1,3 @@
+[script-src-wildcards-disallowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-allowed.sub.html.ini
new file mode 100644
index 0000000000..fbb73475f6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-base64url-converts-to-base64.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-base64url-converts-to-base64.sub.html.ini
new file mode 100644
index 0000000000..5b82b78986
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-base64url-converts-to-base64.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-base64url-converts-to-base64.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked-error-event.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked-error-event.html.ini
new file mode 100644
index 0000000000..07be83bb33
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked-error-event.html.ini
@@ -0,0 +1,3 @@
+[scripthash-basic-blocked-error-event.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked.sub.html.ini
new file mode 100644
index 0000000000..c328026f27
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-basic-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-basic-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini
new file mode 100644
index 0000000000..f62b8e7a50
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-case-insensitive.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-case-insensitive.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-1.html.ini
new file mode 100644
index 0000000000..237ba4c6b3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-1.html.ini
@@ -0,0 +1,5 @@
+[scripthash-changed-1.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [scr1.innerText before modification should not be blocked]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-2.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-2.html.ini
new file mode 100644
index 0000000000..15983b4d85
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-changed-2.html.ini
@@ -0,0 +1,3 @@
+[scripthash-changed-2.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-default-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-default-src.sub.html.ini
new file mode 100644
index 0000000000..be29f728c3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-default-src.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-default-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-ignore-unsafeinline.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-ignore-unsafeinline.sub.html.ini
new file mode 100644
index 0000000000..85cd13bfa8
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-ignore-unsafeinline.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-ignore-unsafeinline.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini
new file mode 100644
index 0000000000..3518d486ea
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scripthash-unicode-normalization.sub.html.ini
@@ -0,0 +1,3 @@
+[scripthash-unicode-normalization.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-allowed.sub.html.ini
new file mode 100644
index 0000000000..44409f9725
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini
new file mode 100644
index 0000000000..e29d244a78
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-and-scripthash.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-and-scripthash.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini
new file mode 100644
index 0000000000..05981b3d28
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-basic-blocked.sub.html.ini
@@ -0,0 +1,5 @@
+implementation-status: backlog
+[scriptnonce-basic-blocked.sub.html]
+  [Expecting alerts: ["PASS (closely-quoted nonce)","PASS (nonce w/whitespace)", "violated-directive=script-src-elem", "violated-directive=script-src-elem", "violated-directive=script-src-elem"\]]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-1.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-1.html.ini
new file mode 100644
index 0000000000..a796e9f5e6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-1.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-changed-1.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-2.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-2.html.ini
new file mode 100644
index 0000000000..234f0bba60
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-changed-2.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-changed-2.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini
new file mode 100644
index 0000000000..2fb5be837d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-ignore-unsafeinline.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-redirect.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-redirect.sub.html.ini
new file mode 100644
index 0000000000..9a0e497219
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-redirect.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-redirect.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-specified-source.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-specified-source.sub.html.ini
new file mode 100644
index 0000000000..5a86e9f66f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/scriptnonce-specified-source.sub.html.ini
@@ -0,0 +1,3 @@
+[scriptnonce-specified-source.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini
new file mode 100644
index 0000000000..9e439ed117
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub.html.ini
@@ -0,0 +1,3 @@
+[srcdoc-doesnt-bypass-script-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini
new file mode 100644
index 0000000000..599b06347b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/worker-eval-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-eval-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini
new file mode 100644
index 0000000000..685ca59ba2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/worker-function-function-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-function-function-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini
new file mode 100644
index 0000000000..0fa80a1f11
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/worker-importscripts.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-importscripts.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/worker-script-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/worker-script-src.sub.html.ini
new file mode 100644
index 0000000000..0e29cd0aec
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/worker-script-src.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-script-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini b/testing/web-platform/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini
new file mode 100644
index 0000000000..1e9f9e34f7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/script-src/worker-set-timeout.sub.html.ini
@@ -0,0 +1,3 @@
+[worker-set-timeout.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/__dir__.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/__dir__.ini
new file mode 100644
index 0000000000..af3fba20e4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/__dir__.ini
@@ -0,0 +1 @@
+lsan-allowed: [Alloc, Create, Malloc, Then, mozilla::BasePrincipal::CreateContentPrincipal, mozilla::dom::DocGroup::Create, mozilla::dom::ServiceWorkerJobQueue::RunJob, mozilla::dom::ServiceWorkerManager::Unregister, mozilla::dom::ServiceWorkerRegistrationMainThread::Unregister, mozilla::dom::UnregisterCallback::UnregisterCallback, mozilla::net::nsStandardURL::TemplatedMutator, operator]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/blockeduri-ws-wss-scheme.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/blockeduri-ws-wss-scheme.html.ini
new file mode 100644
index 0000000000..14fa5353a9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/blockeduri-ws-wss-scheme.html.ini
@@ -0,0 +1,3 @@
+[blockeduri-ws-wss-scheme.html]
+  [redirect]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/constructor-required-fields.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/constructor-required-fields.html.ini
new file mode 100644
index 0000000000..2f9acb5fd2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/constructor-required-fields.html.ini
@@ -0,0 +1,19 @@
+[constructor-required-fields.html]
+  [SecurityPolicyViolationEvent constructor requires statusCode]
+    expected: FAIL
+
+  [SecurityPolicyViolationEvent constructor requires effectiveDirective]
+    expected: FAIL
+
+  [SecurityPolicyViolationEvent constructor requires originalPolicy]
+    expected: FAIL
+
+  [SecurityPolicyViolationEvent constructor requires violatedDirective]
+    expected: FAIL
+
+  [SecurityPolicyViolationEvent constructor requires disposition]
+    expected: FAIL
+
+  [SecurityPolicyViolationEvent constructor requires documentURI]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/idlharness.window.js.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/idlharness.window.js.ini
new file mode 100644
index 0000000000..e5dab8bd61
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/idlharness.window.js.ini
@@ -0,0 +1,56 @@
+[idlharness.window.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [CSPViolationReportBody interface: existence and properties of interface prototype object's @@unscopables property]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute sample]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute effectiveDirective]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute disposition]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute lineNumber]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: existence and properties of interface object]
+    expected: FAIL
+
+  [CSPViolationReportBody interface object length]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute blockedURL]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute sourceFile]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute documentURL]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute referrer]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: existence and properties of interface prototype object]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute statusCode]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute originalPolicy]
+    expected: FAIL
+
+  [CSPViolationReportBody interface object name]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: attribute columnNumber]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: existence and properties of interface prototype object's "constructor" property]
+    expected: FAIL
+
+  [CSPViolationReportBody interface: operation toJSON()]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/img-src-redirect.sub.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/img-src-redirect.sub.html.ini
new file mode 100644
index 0000000000..dc27a13569
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/img-src-redirect.sub.html.ini
@@ -0,0 +1,3 @@
+[img-src-redirect.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html.ini
new file mode 100644
index 0000000000..5f397384fe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-dedicated-worker.html.ini
@@ -0,0 +1,3 @@
+[inside-dedicated-worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-service-worker.https.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-service-worker.https.html.ini
new file mode 100644
index 0000000000..21fb1c9313
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-service-worker.https.html.ini
@@ -0,0 +1,4 @@
+[inside-service-worker.https.html]
+  expected:
+    if (os == "win") and not debug: [OK, TIMEOUT]
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-shared-worker.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-shared-worker.html.ini
new file mode 100644
index 0000000000..773d30d71a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/inside-shared-worker.html.ini
@@ -0,0 +1,3 @@
+[inside-shared-worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample-no-opt-in.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample-no-opt-in.html.ini
new file mode 100644
index 0000000000..cc26361eb3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample-no-opt-in.html.ini
@@ -0,0 +1,5 @@
+[script-sample-no-opt-in.html]
+  expected: TIMEOUT
+  [JavaScript URLs in iframes should not have a sample.]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample.html.ini
new file mode 100644
index 0000000000..d5b1514fde
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/script-sample.html.ini
@@ -0,0 +1,5 @@
+[script-sample.html]
+  expected: TIMEOUT
+  [JavaScript URLs in iframes should have a sample.]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.ini
new file mode 100644
index 0000000000..53511670ce
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-cross-origin-image-from-script.sub.html.ini
@@ -0,0 +1,3 @@
+[securitypolicyviolation-block-cross-origin-image-from-script.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-image-from-script.sub.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-image-from-script.sub.html.ini
new file mode 100644
index 0000000000..1383fa7806
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/securitypolicyviolation-block-image-from-script.sub.html.ini
@@ -0,0 +1,3 @@
+[securitypolicyviolation-block-image-from-script.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-blob-scheme.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-blob-scheme.html.ini
new file mode 100644
index 0000000000..5317fa0e5b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-blob-scheme.html.ini
@@ -0,0 +1,3 @@
+[source-file-blob-scheme.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-data-scheme.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-data-scheme.html.ini
new file mode 100644
index 0000000000..0dee05a8e3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file-data-scheme.html.ini
@@ -0,0 +1,3 @@
+[source-file-data-scheme.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini
new file mode 100644
index 0000000000..068106a874
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/source-file.html.ini
@@ -0,0 +1,4 @@
+[source-file.html]
+  expected:
+    if (os == "android") and fission: [ERROR, TIMEOUT]
+    ERROR
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample-no-opt-in.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample-no-opt-in.html.ini
new file mode 100644
index 0000000000..75211d6d26
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample-no-opt-in.html.ini
@@ -0,0 +1,3 @@
+[style-sample-no-opt-in.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample.html.ini
new file mode 100644
index 0000000000..af5a618ebd
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/style-sample.html.ini
@@ -0,0 +1,3 @@
+[style-sample.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/targeting.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/targeting.html.ini
new file mode 100644
index 0000000000..e679e99070
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/targeting.html.ini
@@ -0,0 +1,11 @@
+[targeting.html]
+  expected: TIMEOUT
+  [Correct targeting inside shadow tree (inline handler).]
+    disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1404842
+
+  [Correct targeting inside shadow tree (style).]
+    disabled: https://bugzilla.mozilla.org/show_bug.cgi?id=1404842
+
+  [Elements created in this document, but pushed into a same-origin frame trigger on that frame's document, not on this frame's document.]
+    expected: TIMEOUT
+
diff --git a/testing/web-platform/meta/content-security-policy/securitypolicyviolation/upgrade-insecure-requests-reporting.https.html.ini b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/upgrade-insecure-requests-reporting.https.html.ini
new file mode 100644
index 0000000000..0e0ea06b9b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/securitypolicyviolation/upgrade-insecure-requests-reporting.https.html.ini
@@ -0,0 +1,7 @@
+[upgrade-insecure-requests-reporting.https.html]
+  expected:
+    if (processor == "x86") and (os == "win") and not debug: ["OK", "TIMEOUT"]
+  [Navigated iframe is upgraded and reported]
+    expected:
+      if (processor == "x86") and (os == "win") and not debug: ["PASS", "TIMEOUT"]
+
diff --git a/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini
new file mode 100644
index 0000000000..b1c1ee8870
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-elem-blocked-attr-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini
new file mode 100644
index 0000000000..125becbfdd
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-elem-blocked-src-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini
new file mode 100644
index 0000000000..b2ba54aff5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/import-style-allowed.sub.html.ini
@@ -0,0 +1,2 @@
+[import-style-allowed.sub.html]
+  expected: ERROR
diff --git a/testing/web-platform/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini
new file mode 100644
index 0000000000..14e556cb04
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/import-style-blocked.sub.html.ini
@@ -0,0 +1,2 @@
+[import-style-blocked.sub.html]
+  expected: ERROR
diff --git a/testing/web-platform/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini
new file mode 100644
index 0000000000..0824bc7379
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub.html.ini
@@ -0,0 +1,6 @@
+[inline-style-allowed-while-cloning-objects.sub.html]
+  [inline-style-allowed-while-cloning-objects 18]
+    expected: FAIL
+
+  [inline-style-allowed-while-cloning-objects 19]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-allowed.sub.html.ini
new file mode 100644
index 0000000000..15929dbf4f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[inline-style-attribute-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini
new file mode 100644
index 0000000000..63481ca2fc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[inline-style-attribute-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-on-html.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-on-html.sub.html.ini
new file mode 100644
index 0000000000..cc050e74a7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/inline-style-attribute-on-html.sub.html.ini
@@ -0,0 +1,3 @@
+[inline-style-attribute-on-html.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini
new file mode 100644
index 0000000000..7f2255146e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/inline-style-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[inline-style-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-blocked.html.ini
new file mode 100644
index 0000000000..abf466fc80
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-blocked.html.ini
@@ -0,0 +1,5 @@
+[style-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [document.styleSheets should contain an item for the blocked CSS.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini
new file mode 100644
index 0000000000..a1d6e4f375
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-error-event-fires.html.ini
@@ -0,0 +1,6 @@
+implementation-status: backlog
+[style-src-error-event-fires.html]
+  expected: TIMEOUT
+  [Test error event fires on inline style]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-allowed.html.ini
new file mode 100644
index 0000000000..3fea53fb34
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-hash-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini
new file mode 100644
index 0000000000..80c144532a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-hash-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-case-insensitive.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-case-insensitive.html.ini
new file mode 100644
index 0000000000..792b018c78
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-case-insensitive.html.ini
@@ -0,0 +1,3 @@
+[style-src-hash-case-insensitive.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-default-src-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-default-src-allowed.html.ini
new file mode 100644
index 0000000000..4900f1dbae
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-hash-default-src-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-hash-default-src-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-allowed.sub.html.ini
new file mode 100644
index 0000000000..f6e28319ca
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[style-src-imported-style-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini
new file mode 100644
index 0000000000..6ad9068006
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-imported-style-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-imported-style-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed-with-content-hash.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed-with-content-hash.html.ini
new file mode 100644
index 0000000000..80f7907aa7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed-with-content-hash.html.ini
@@ -0,0 +1,3 @@
+[style-src-injected-inline-style-allowed-with-content-hash.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed.html.ini
new file mode 100644
index 0000000000..d7eafdf11f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-injected-inline-style-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini
new file mode 100644
index 0000000000..3e3a714f67
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-inline-style-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-injected-inline-style-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-allowed.sub.html.ini
new file mode 100644
index 0000000000..ad7b695cad
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[style-src-injected-stylesheet-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini
new file mode 100644
index 0000000000..c307455b0b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[style-src-injected-stylesheet-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-allowed.html.ini
new file mode 100644
index 0000000000..07f2acbb55
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-allowed.html.ini
new file mode 100644
index 0000000000..63e0421062
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-attribute-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini
new file mode 100644
index 0000000000..c482ee7f95
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-attribute-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-attribute-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini
new file mode 100644
index 0000000000..8e289c21f1
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-allowed.html.ini
new file mode 100644
index 0000000000..ada8b7d8ba
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-nonce-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini
new file mode 100644
index 0000000000..ff07448d9e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked-error-event.html.ini
@@ -0,0 +1,6 @@
+implementation-status: backlog
+[style-src-inline-style-nonce-blocked-error-event.html]
+  expected: TIMEOUT
+  [Test that paragraph remains unmodified and error events received.]
+    expected: NOTRUN
+
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini
new file mode 100644
index 0000000000..3b5d9aed11
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-inline-style-nonce-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-inline-style-nonce-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.ini
new file mode 100644
index 0000000000..0165ccfe3f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-multiple-policies-multiple-hashing-algorithms.html.ini
@@ -0,0 +1,7 @@
+[style-src-multiple-policies-multiple-hashing-algorithms.html]
+  expected:
+    if (os == "android") and not swgl and fission: [OK, TIMEOUT]
+    if (os == "android") and not swgl and not fission: [OK, TIMEOUT]
+  [Violation report status OK.]
+    expected:
+      if (os == "android") and not swgl: [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-none-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-none-blocked.html.ini
new file mode 100644
index 0000000000..23c4decb65
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-none-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-none-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-star-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-star-allowed.html.ini
new file mode 100644
index 0000000000..21945a9a54
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-star-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-star-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini
new file mode 100644
index 0000000000..9f7577a0b9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-allowed.html.ini
@@ -0,0 +1,3 @@
+[style-src-stylesheet-nonce-allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini b/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini
new file mode 100644
index 0000000000..9a85ab84c5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/style-src-stylesheet-nonce-blocked.html.ini
@@ -0,0 +1,3 @@
+[style-src-stylesheet-nonce-blocked.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/stylehash-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/stylehash-allowed.sub.html.ini
new file mode 100644
index 0000000000..145cc32bd4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/stylehash-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[stylehash-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini
new file mode 100644
index 0000000000..c0b74d4cad
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/stylehash-basic-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[stylehash-basic-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/stylehash-default-src.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/stylehash-default-src.sub.html.ini
new file mode 100644
index 0000000000..a19ec40ea4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/stylehash-default-src.sub.html.ini
@@ -0,0 +1,3 @@
+[stylehash-default-src.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini
new file mode 100644
index 0000000000..8b12084afc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/stylenonce-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[stylenonce-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini
new file mode 100644
index 0000000000..3b903d4914
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/style-src/stylenonce-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[stylenonce-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini b/testing/web-platform/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini
new file mode 100644
index 0000000000..f387e7d522
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/svg/object-in-svg-foreignobject.sub.html.ini
@@ -0,0 +1,2 @@
+[object-in-svg-foreignobject.sub.html]
+  disabled: https://github.com/web-platform-tests/wpt/issues/12282
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-blocked.sub.html.ini
new file mode 100644
index 0000000000..863656d03d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[eval-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html.ini
new file mode 100644
index 0000000000..a559eea3da
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setInterval-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[eval-scripts-setInterval-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html.ini
new file mode 100644
index 0000000000..2d63d56194
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[eval-scripts-setTimeout-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html.ini
new file mode 100644
index 0000000000..dcdb661da4
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/eval-scripts-setTimeout-blocked.sub.html.ini
@@ -0,0 +1,6 @@
+[eval-scripts-setTimeout-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Expecting logs: ["PASS","violated-directive=script-src"\]]
+    expected:
+      if (processor == "x86") and not debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html.ini
new file mode 100644
index 0000000000..d83338f248
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-allowed.sub.html.ini
@@ -0,0 +1,3 @@
+[function-constructor-allowed.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html.ini
new file mode 100644
index 0000000000..cdc2153fbf
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-eval/function-constructor-blocked.sub.html.ini
@@ -0,0 +1,3 @@
+[function-constructor-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/__dir__.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/__dir__.ini
new file mode 100644
index 0000000000..18dd33687a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/__dir__.ini
@@ -0,0 +1 @@
+prefs: [dom.targetBlankNoOpener.enabled:false]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html.ini
new file mode 100644
index 0000000000..b246e21d3d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-href_blank.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_allowed-href_blank.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html.ini
new file mode 100644
index 0000000000..8389a861b3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_location.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_allowed-window_location.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html.ini
new file mode 100644
index 0000000000..ba124c7b54
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_allowed-window_open.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_allowed-window_open.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-attr.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-attr.html.ini
new file mode 100644
index 0000000000..c292b6d3da
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-attr.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-attr.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini
new file mode 100644
index 0000000000..39167678ec
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href_blank-script-src-elem.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini
new file mode 100644
index 0000000000..d0c3fca4c7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-href_blank.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini
new file mode 100644
index 0000000000..6da98d6a99
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_location.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-window_location.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini
new file mode 100644
index 0000000000..61473ae657
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_missing_unsafe_hashes-window_open.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini
new file mode 100644
index 0000000000..5c7214748b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-attr.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-attr.html.ini
new file mode 100644
index 0000000000..2276ff8dac
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-attr.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href_blank-script-src-attr.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini
new file mode 100644
index 0000000000..bf8489cbba
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-script-src-elem.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href_blank-script-src-elem.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini
new file mode 100644
index 0000000000..965ac7f2a2
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-href_blank.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini
new file mode 100644
index 0000000000..afce1781e9
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_location.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-window_location.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini
new file mode 100644
index 0000000000..adec8f787a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open.html.ini
@@ -0,0 +1,3 @@
+[javascript_src_denied_wrong_hash-window_open.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html.ini
new file mode 100644
index 0000000000..0a0ba91a7a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_allowed.html.ini
@@ -0,0 +1,3 @@
+[script_event_handlers_allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini
new file mode 100644
index 0000000000..418322bc42
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes.html.ini
@@ -0,0 +1,3 @@
+[script_event_handlers_denied_missing_unsafe_hashes.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini
new file mode 100644
index 0000000000..e0bb62d364
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash.html.ini
@@ -0,0 +1,3 @@
+[script_event_handlers_denied_wrong_hash.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_allowed.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_allowed.html.ini
new file mode 100644
index 0000000000..57ee65f4d6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_allowed.html.ini
@@ -0,0 +1,3 @@
+[style_attribute_allowed.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini
new file mode 100644
index 0000000000..4989198df5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes.html.ini
@@ -0,0 +1,3 @@
+[style_attribute_denied_missing_unsafe_hashes.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini
new file mode 100644
index 0000000000..babb086a64
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash.html.ini
@@ -0,0 +1,3 @@
+[style_attribute_denied_wrong_hash.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-blocks-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-blocks-wasm.any.js.ini
new file mode 100644
index 0000000000..7922f69997
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-blocks-wasm.any.js.ini
@@ -0,0 +1,13 @@
+[default-src-blocks-wasm.any.serviceworker.html]
+
+[default-src-blocks-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-blocks-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-blocks-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-unsafe-eval-allows-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-unsafe-eval-allows-wasm.any.js.ini
new file mode 100644
index 0000000000..395e40e207
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-unsafe-eval-allows-wasm.any.js.ini
@@ -0,0 +1,15 @@
+[default-src-unsafe-eval-allows-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-unsafe-eval-allows-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
+
+[default-src-unsafe-eval-allows-wasm.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-unsafe-eval-allows-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-wasm-unsafe-eval-allows-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-wasm-unsafe-eval-allows-wasm.any.js.ini
new file mode 100644
index 0000000000..1b0636899e
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/default-src-wasm-unsafe-eval-allows-wasm.any.js.ini
@@ -0,0 +1,15 @@
+[default-src-wasm-unsafe-eval-allows-wasm.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-wasm-unsafe-eval-allows-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-wasm-unsafe-eval-allows-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[default-src-wasm-unsafe-eval-allows-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/postMessage-wasm-module.html.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/postMessage-wasm-module.html.ini
new file mode 100644
index 0000000000..4f48b36fc5
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/postMessage-wasm-module.html.ini
@@ -0,0 +1,3 @@
+[postMessage-wasm-module.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-blocks-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-blocks-wasm.any.js.ini
new file mode 100644
index 0000000000..11d9a6f4ab
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-blocks-wasm.any.js.ini
@@ -0,0 +1,15 @@
+[script-src-blocks-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-blocks-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-blocks-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-blocks-wasm.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-spv-asynch.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-spv-asynch.any.js.ini
new file mode 100644
index 0000000000..2427b2428f
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-spv-asynch.any.js.ini
@@ -0,0 +1,15 @@
+[script-src-spv-asynch.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-spv-asynch.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-spv-asynch.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-spv-asynch.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-unsafe-eval-allows-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-unsafe-eval-allows-wasm.any.js.ini
new file mode 100644
index 0000000000..8bb0fba2eb
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-unsafe-eval-allows-wasm.any.js.ini
@@ -0,0 +1,15 @@
+[script-src-unsafe-eval-allows-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-unsafe-eval-allows-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
+
+[script-src-unsafe-eval-allows-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-unsafe-eval-allows-wasm.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-wasm-unsafe-eval-allows-wasm.any.js.ini b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-wasm-unsafe-eval-allows-wasm.any.js.ini
new file mode 100644
index 0000000000..2ff9144afc
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/wasm-unsafe-eval/script-src-wasm-unsafe-eval-allows-wasm.any.js.ini
@@ -0,0 +1,15 @@
+[script-src-wasm-unsafe-eval-allows-wasm.any.serviceworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-wasm-unsafe-eval-allows-wasm.any.worker.html]
+  expected:
+    if (os == "android") and fission: [TIMEOUT, OK]
+
+[script-src-wasm-unsafe-eval-allows-wasm.any.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+
+[script-src-wasm-unsafe-eval-allows-wasm.any.sharedworker.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini
new file mode 100644
index 0000000000..f982824fc3
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-allowed-explicit.html.ini
@@ -0,0 +1,3 @@
+[webrtc-allowed-explicit.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini
new file mode 100644
index 0000000000..08f9839e5d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-explicit.html.ini
@@ -0,0 +1,3 @@
+[webrtc-blocked-explicit.html]
+  [webrtc blocked with an explicit webrtc blocked policy]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini
new file mode 100644
index 0000000000..8b3a4b82f6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/webrtc/webrtc-blocked-unknown.html.ini
@@ -0,0 +1,5 @@
+[webrtc-blocked-unknown.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [webrtc blocked with an unrecognized explicit webrtc policy]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/__dir__.ini b/testing/web-platform/meta/content-security-policy/worker-src/__dir__.ini
new file mode 100644
index 0000000000..ad001e7142
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/__dir__.ini
@@ -0,0 +1 @@
+lsan-allowed: [NS_NewRunnableFunction, already_AddRefed, detail::ProxyRelease, mozilla::SupportsThreadSafeWeakPtr, mozilla::ipc::BackgroundChildImpl::AllocPRemoteWorkerChild]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini
new file mode 100644
index 0000000000..dd098643ee
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-none.sub.html.ini
@@ -0,0 +1,7 @@
+[dedicated-none.sub.html]
+  [Same-origin dedicated worker blocked by host-source expression.]
+    expected: FAIL
+
+  [blob: dedicated worker blocked by 'blob:'.]
+    expected: FAIL
+
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-self.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-self.sub.html.ini
new file mode 100644
index 0000000000..333dde62ec
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-self.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-self.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini
new file mode 100644
index 0000000000..3e47c6dde6
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback-blocked.sub.html.ini
@@ -0,0 +1,5 @@
+[dedicated-worker-src-child-fallback-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Same-origin dedicated worker allowed by worker-src 'self'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback.sub.html.ini
new file mode 100644
index 0000000000..4a3e1ccb1d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-child-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-worker-src-child-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-default-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-default-fallback.sub.html.ini
new file mode 100644
index 0000000000..58a02db521
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-default-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-worker-src-default-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-script-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-script-fallback.sub.html.ini
new file mode 100644
index 0000000000..68995f34fe
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-script-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-worker-src-script-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-self-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-self-fallback.sub.html.ini
new file mode 100644
index 0000000000..f33fec2f89
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/dedicated-worker-src-self-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[dedicated-worker-src-self-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-child.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-child.https.sub.html.ini
new file mode 100644
index 0000000000..94ccb6820d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-child.https.sub.html.ini
@@ -0,0 +1,6 @@
+[service-child.https.sub.html]
+  expected:
+    if (os == "win") and not debug and (processor == "x86_64"): [OK, TIMEOUT]
+  [Same-origin service worker allowed by host-source expression.]
+    expected:
+      if (os == "win") and not debug and (processor == "x86_64"): [PASS, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini
new file mode 100644
index 0000000000..68e3a9d40d
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-fallback.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-fallback.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-list.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-list.https.sub.html.ini
new file mode 100644
index 0000000000..f72a100097
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-list.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-list.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-none.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-none.https.sub.html.ini
new file mode 100644
index 0000000000..3c1c3eb867
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-none.https.sub.html.ini
@@ -0,0 +1,5 @@
+[service-none.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Same-origin service worker blocked by 'none'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-self.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-self.https.sub.html.ini
new file mode 100644
index 0000000000..c3c494cdf7
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-self.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-self.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini
new file mode 100644
index 0000000000..297791a67c
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback-blocked.https.sub.html.ini
@@ -0,0 +1,5 @@
+[service-worker-src-child-fallback-blocked.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Same-origin service worker allowed by child-src 'self'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini
new file mode 100644
index 0000000000..4a9676f353
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-child-fallback.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-worker-src-child-fallback.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini
new file mode 100644
index 0000000000..50e6893134
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-default-fallback.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-worker-src-default-fallback.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini
new file mode 100644
index 0000000000..1b9ab08618
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-script-fallback.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-worker-src-script-fallback.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini
new file mode 100644
index 0000000000..733e89e218
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/service-worker-src-self-fallback.https.sub.html.ini
@@ -0,0 +1,3 @@
+[service-worker-src-self-fallback.https.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-child.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-child.sub.html.ini
new file mode 100644
index 0000000000..0843099d84
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-child.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-child.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini
new file mode 100644
index 0000000000..5a3019ae64
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-fallback.sub.html.ini
@@ -0,0 +1,6 @@
+[shared-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [blob: dedicated worker allowed by 'blob:'.]
+    expected:
+      if (os == "android") and debug: [PASS, FAIL]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-list.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-list.sub.html.ini
new file mode 100644
index 0000000000..d9b74ddc12
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-list.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-list.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-none.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-none.sub.html.ini
new file mode 100644
index 0000000000..72c3d97eca
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-none.sub.html.ini
@@ -0,0 +1,8 @@
+[shared-none.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Same-origin shared worker blocked by 'none'.]
+    expected: FAIL
+
+  [blob: shared worker blocked by 'none'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-self.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-self.sub.html.ini
new file mode 100644
index 0000000000..cfac0e6537
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-self.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-self.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini
new file mode 100644
index 0000000000..4330502b4b
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback-blocked.sub.html.ini
@@ -0,0 +1,5 @@
+[shared-worker-src-child-fallback-blocked.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
+  [Same-origin shared worker allowed by child-src 'self'.]
+    expected: FAIL
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini
new file mode 100644
index 0000000000..e0eeaa05ba
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-child-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-child-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini
new file mode 100644
index 0000000000..e7407de67a
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-default-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-default-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini
new file mode 100644
index 0000000000..e896159e44
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-script-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-script-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
diff --git a/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini
new file mode 100644
index 0000000000..a4d0b66057
--- /dev/null
+++ b/testing/web-platform/meta/content-security-policy/worker-src/shared-worker-src-self-fallback.sub.html.ini
@@ -0,0 +1,3 @@
+[shared-worker-src-self-fallback.sub.html]
+  expected:
+    if (os == "android") and fission: [OK, TIMEOUT]
-- 
cgit v1.2.3