diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
| commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
| tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /testing/web-platform/meta/fetch/security | |
| parent | Initial commit. (diff) | |
| download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip | |
Adding upstream version 115.7.0esr.upstream/115.7.0esrupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/meta/fetch/security')
4 files changed, 65 insertions, 0 deletions
diff --git a/testing/web-platform/meta/fetch/security/dangling-markup-mitigation-data-url.tentative.sub.html.ini b/testing/web-platform/meta/fetch/security/dangling-markup-mitigation-data-url.tentative.sub.html.ini new file mode 100644 index 0000000000..dc11141ac4 --- /dev/null +++ b/testing/web-platform/meta/fetch/security/dangling-markup-mitigation-data-url.tentative.sub.html.ini @@ -0,0 +1,19 @@ +[dangling-markup-mitigation-data-url.tentative.sub.html] + [<iframe id="dangling"\\n src="data:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + + [<iframe id="dangling"\\n src=" data:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + + [<iframe id="dangling"\\n src="\\ndata:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + + [<iframe id="dangling"\\n src=" data:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + + [<iframe id="dangling"\\n src="\\tdata:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + + [<iframe id="dangling"\\n src="\\rdata:text/html,\\n <img\\n onload='window.parent.postMessage("loaded", "*");'\\n onerror='window.parent.postMessage("error", "*");'\\n src='http://web-platform.test:8000/images/gr een-256x256.png?<'>\\n ">\\n </iframe>] + expected: FAIL + diff --git a/testing/web-platform/meta/fetch/security/dangling-markup-mitigation.tentative.html.ini b/testing/web-platform/meta/fetch/security/dangling-markup-mitigation.tentative.html.ini new file mode 100644 index 0000000000..d187b884a4 --- /dev/null +++ b/testing/web-platform/meta/fetch/security/dangling-markup-mitigation.tentative.html.ini @@ -0,0 +1,29 @@ +[dangling-markup-mitigation.tentative.html] + expected: + if (os == "android") and fission: [TIMEOUT, OK] + [Fetch: /images/gre\\nen-1x1.png?img=<] + expected: FAIL + + [Fetch: /images/gre\\ren-1x1.png?img=<] + expected: FAIL + + [Fetch: /images/gre\\ten-1x1.png?img=<] + expected: FAIL + + [Fetch: /images/green-1x1.png?<\\n=block] + expected: FAIL + + [Fetch: /images/green-1x1.png?<\\r=block] + expected: FAIL + + [Fetch: /images/green-1x1.png?<\\t=block] + expected: FAIL + + [<img id="dangling" src="/images/green-1x1.png?img= <b">] + expected: FAIL + + [<img id="dangling" src="/images/green-1x1.png?img=< b">] + expected: FAIL + + [\\n <img id="dangling" src="/images/green-1x1.png?img=\\n <\\n b\\n ">\\n ] + expected: FAIL diff --git a/testing/web-platform/meta/fetch/security/embedded-credentials.tentative.sub.html.ini b/testing/web-platform/meta/fetch/security/embedded-credentials.tentative.sub.html.ini new file mode 100644 index 0000000000..5aac034595 --- /dev/null +++ b/testing/web-platform/meta/fetch/security/embedded-credentials.tentative.sub.html.ini @@ -0,0 +1,14 @@ +[embedded-credentials.tentative.sub.html] + expected: + if (os == "android") and fission: [OK, TIMEOUT] + [Embedded credentials are treated as network errors in frames.] + expected: FAIL + + [Embedded credentials are treated as network errors in new windows.] + expected: FAIL + + [Embedded credentials matching the top-level are treated as network errors for cross-origin URLs.] + expected: FAIL + + [Embedded credentials are treated as network errors.] + expected: FAIL diff --git a/testing/web-platform/meta/fetch/security/redirect-to-url-with-credentials.https.html.ini b/testing/web-platform/meta/fetch/security/redirect-to-url-with-credentials.https.html.ini new file mode 100644 index 0000000000..3c0d97a69b --- /dev/null +++ b/testing/web-platform/meta/fetch/security/redirect-to-url-with-credentials.https.html.ini @@ -0,0 +1,3 @@ +[redirect-to-url-with-credentials.https.html] + expected: + if (os == "android") and fission: [OK, TIMEOUT] |