diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 17:32:43 +0000 |
| commit | 6bf0a5cb5034a7e684dcc3500e841785237ce2dd (patch) | |
| tree | a68f146d7fa01f0134297619fbe7e33db084e0aa /testing/web-platform/tests/mixed-content/blob.https.sub.html | |
| parent | Initial commit. (diff) | |
| download | thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.tar.xz thunderbird-6bf0a5cb5034a7e684dcc3500e841785237ce2dd.zip | |
Adding upstream version 1:115.7.0.upstream/1%115.7.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/mixed-content/blob.https.sub.html')
| -rw-r--r-- | testing/web-platform/tests/mixed-content/blob.https.sub.html | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/testing/web-platform/tests/mixed-content/blob.https.sub.html b/testing/web-platform/tests/mixed-content/blob.https.sub.html new file mode 100644 index 0000000000..4e4bba6e0c --- /dev/null +++ b/testing/web-platform/tests/mixed-content/blob.https.sub.html @@ -0,0 +1,54 @@ +<!DOCTYPE html> +<html> + <head> + <title>Mixed-Content: blob tests</title> + <meta charset="utf-8"> + <meta name="description" content="Test a request to a blob: URL is mixed content if the blob's origin is not potentially trustworthy."> + <meta name="help" href="https://w3c.github.io/webappsec-mixed-content/#should-block-fetch"> + <meta name="help" href="https://w3c.github.io/webappsec-secure-contexts/#potentially-trustworthy-url"> + <script src="/resources/testharness.js"></script> + <script src="/resources/testharnessreport.js"></script> + </head> + <body> + <script> + async function try_fetch_request(url) { + try { + const response = await fetch(url); + return response.ok; + } catch(e) { + return false; + } + } + + function try_script_load(url) { + return new Promise(resolve => { + let script = document.createElement("script"); + script.onload = () => resolve(true); + script.onerror = () => resolve(false); + script.src = url; + document.body.appendChild(script); + }); + } + + const popup_http = "http://{{domains[]}}:{{ports[http][0]}}/mixed-content/resources/blob-popup.html"; + const popup_https = "https://{{domains[]}}:{{ports[https][0]}}/mixed-content/resources/blob-popup.html"; + [popup_https, popup_http].forEach(popup_url => { + promise_test(t => { + return new Promise(resolve => { + window.addEventListener("message", resolve, {once: true}); + window.open(popup_url); + }).then(async function(event) { + let data = event.data; + assert_equals(await try_fetch_request(data.js_blob_url), + data.potentially_trustworthy, + "Fetch request"); + assert_equals(await try_script_load(data.js_blob_url), + data.potentially_trustworthy, + "Script load"); + event.source.close(); + }); + }); + }); + </script> + </body> +</html> |