Adding upstream version 110.0.1.upstream/110.0.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 39 insertions, 0 deletions

diff --git a/testing/web-platform/tests/client-hints/http-equiv-accept-ch-non-secure.http.html b/testing/web-platform/tests/client-hints/http-equiv-accept-ch-non-secure.http.html
new file mode 100644
index 0000000000..58a55d44c3
--- /dev/null
+++ b/testing/web-platform/tests/client-hints/http-equiv-accept-ch-non-secure.http.html
@@ -0,0 +1,39 @@
+<html>
+<meta http-equiv="Accept-CH" content="Sec-CH-DPR, DPR, Sec-CH-Width, Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Device-Memory, Device-Memory, rtt, downlink, ect">
+<title>Accept-CH http-equiv insecure transport test</title>
+<body>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+
+<script>
+
+// Even though this HTML file contains "Accept-CH" http-equiv headers, the
+// browser should NOT attach the specified client hints in the HTTP request
+// headers since the page is being fetched over an insecure transport.
+// Test this functionality by fetching an XHR from this page hosted on
+// an insecure HTTP server.
+
+// resources/echo-client-hints-received.py sets the response headers depending on the set
+// of client hints it receives in the request headers.
+
+promise_test(t => {
+  return fetch("/client-hints/resources/echo-client-hints-received.py").then(r => {
+    assert_equals(r.status, 200)
+    // Verify that the browser does not include client hints in the headers
+    // when fetching the XHR from an insecure HTTP server.
+    assert_false(r.headers.has("device-memory-received"), "device-memory-received");
+    assert_false(r.headers.has("device-memory-deprecated-received"), "device-memory-deprecated-received");
+    assert_false(r.headers.has("dpr-received"), "dpr-received");
+    assert_false(r.headers.has("dpr-deprecated-received"), "dpr-deprecated-received");
+    assert_false(r.headers.has("viewport-width-received"), "viewport-width-received");
+    assert_false(r.headers.has("viewport-width-deprecated-received"), "viewport-width-deprecated-received");
+    assert_false(r.headers.has("rtt-received"), "rtt-received");
+    assert_false(r.headers.has("downlink-received"), "downlink-received");
+    assert_false(r.headers.has("ect-received"), "ect-received");
+    assert_false(r.headers.has("prefers-color-scheme-received"), "prefers-color-scheme-received");
+  });
+}, "Accept-CH http-equiv test over insecure transport");
+
+</script>
+</body>
+</html>