diff options
Diffstat (limited to 'testing/web-platform/tests/fetch/metadata/generated/css-images.sub.tentative.html')
| -rw-r--r-- | testing/web-platform/tests/fetch/metadata/generated/css-images.sub.tentative.html | 1099 |
1 files changed, 1099 insertions, 0 deletions
diff --git a/testing/web-platform/tests/fetch/metadata/generated/css-images.sub.tentative.html b/testing/web-platform/tests/fetch/metadata/generated/css-images.sub.tentative.html new file mode 100644 index 0000000000..f1ef27cf08 --- /dev/null +++ b/testing/web-platform/tests/fetch/metadata/generated/css-images.sub.tentative.html @@ -0,0 +1,1099 @@ +<!DOCTYPE html> +<!-- +This test was procedurally generated. Please do not modify it directly. +Sources: +- fetch/metadata/tools/fetch-metadata.conf.yml +- fetch/metadata/tools/templates/css-images.sub.html +--> +<html lang="en"> + <meta charset="utf-8"> + <meta name="timeout" content="long"> + <title>HTTP headers on request for CSS image-accepting properties</title> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + <script src="/fetch/metadata/resources/helper.sub.js"></script> + <body> + <script> + 'use strict'; + + /** + * The subtests in this file use an iframe to induce requests for CSS + * resources because an iframe's `onload` event is the most direct and + * generic mechanism to detect loading of CSS resources. As an optimization, + * the subtests share the same iframe and document. + */ + const declarations = []; + const iframe = document.createElement('iframe'); + const whenIframeReady = new Promise((resolve, reject) => { + iframe.onload = resolve; + iframe.onerror = reject; + }); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-mode - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-mode - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-mode - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-mode - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-mode - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-mode - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-mode - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-mode - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-mode'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-mode - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-dest - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-dest - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-dest - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-dest - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-dest - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-dest - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-dest - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-dest - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-dest'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-dest - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-user - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-user - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-user - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-user - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-user - Not sent to non-trustworthy same-origin destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-user - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-user - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-user - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-user - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpSameSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-user - Not sent to non-trustworthy same-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-user - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-user - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-user - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-user - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpCrossSite']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-user'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-user - Not sent to non-trustworthy cross-site destination'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - HTTPS downgrade (header not sent)'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - HTTPS downgrade (header not sent)'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - HTTPS downgrade (header not sent)'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - HTTPS downgrade (header not sent)'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_not_own_property(headers, 'sec-fetch-site'); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - HTTPS downgrade (header not sent)'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_equals(headers['sec-fetch-site'], 'cross-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - HTTPS upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - HTTPS upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - HTTPS upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - HTTPS upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpOrigin', 'httpsOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - HTTPS upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']); + + declarations.push(`background-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_equals(headers['sec-fetch-site'], 'cross-site'); + }) + .then(t.step_func_done(), (error) => t.unreached_func()); + }, 'background-image sec-fetch-site - HTTPS downgrade-upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']); + + declarations.push(`border-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'border-image sec-fetch-site - HTTPS downgrade-upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']); + + declarations.push(`content: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'content sec-fetch-site - HTTPS downgrade-upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']); + + declarations.push(`cursor: url("${url}"), auto;`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'cursor sec-fetch-site - HTTPS downgrade-upgrade'); + + async_test((t) => { + const key = '{{uuid()}}'; + const url = makeRequestURL(key, ['httpsOrigin', 'httpOrigin', 'httpsOrigin']); + + declarations.push(`list-style-image: url("${url}");`); + + whenIframeReady + .then(() => retrieve(key)) + .then((headers) => { + assert_own_property(headers, 'sec-fetch-site'); + assert_array_equals(headers['sec-fetch-site'], ['cross-site']); + }) + .then(t.step_func_done(), t.unreached_func()); + }, 'list-style-image sec-fetch-site - HTTPS downgrade-upgrade'); + + iframe.srcdoc = declarations.map((declaration, index) => ` + <style>.el${index} { ${declaration} }</style><div class="el${index}"></div>` + ).join(''); + document.body.appendChild(iframe); + + </script> + </body> +</html> |