From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 21:33:14 +0200 Subject: Adding upstream version 115.7.0esr. Signed-off-by: Daniel Baumann --- .../browser_mixedContentFramesOnHttp.js | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 browser/base/content/test/siteIdentity/browser_mixedContentFramesOnHttp.js (limited to 'browser/base/content/test/siteIdentity/browser_mixedContentFramesOnHttp.js') diff --git a/browser/base/content/test/siteIdentity/browser_mixedContentFramesOnHttp.js b/browser/base/content/test/siteIdentity/browser_mixedContentFramesOnHttp.js new file mode 100644 index 0000000000..c6096342cc --- /dev/null +++ b/browser/base/content/test/siteIdentity/browser_mixedContentFramesOnHttp.js @@ -0,0 +1,37 @@ +/* + * Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ + * + * Test for Bug 1182551 - + * + * This test has a top level HTTP page with an HTTPS iframe. The HTTPS iframe + * includes an HTTP image. We check that the top level security state is + * STATE_IS_INSECURE. The mixed content from the iframe shouldn't "upgrade" + * the HTTP top level page to broken HTTPS. + */ + +const TEST_URL = + getRootDirectory(gTestPath).replace( + "chrome://mochitests/content", + // eslint-disable-next-line @microsoft/sdl/no-insecure-url + "http://example.com" + ) + "file_mixedContentFramesOnHttp.html"; + +add_task(async function () { + await SpecialPowers.pushPrefEnv({ + set: [ + ["security.mixed_content.block_active_content", true], + ["security.mixed_content.block_display_content", false], + ["security.mixed_content.upgrade_display_content", false], + ], + }); + + await BrowserTestUtils.withNewTab(TEST_URL, async function (browser) { + isSecurityState(browser, "insecure"); + await assertMixedContentBlockingState(browser, { + activeLoaded: false, + activeBlocked: false, + passiveLoaded: true, + }); + }); +}); -- cgit v1.2.3