OLD | NEW |
---|---|
(Empty) | |
1 <!DOCTYPE html> | |
2 <html> | |
3 <head> | |
4 <title>Unauthenticated origin is insecure</title> | |
philipj_slow
2015/09/28 12:17:56
The first actual assertion amounts to "authenticat
Mike West
2015/09/28 13:28:02
Clarified the test name and title. Thanks!
| |
5 <script src="/resources/testharness.js"></script> | |
6 <script src="/resources/testharnessreport.js"></script> | |
7 <script src="/resources/get-host-info.js"></script> | |
8 </head> | |
9 <body> | |
10 <script> | |
11 if (window.location.origin != get_host_info().AUTHENTICATED_ORIGIN) { | |
12 window.location = get_host_info().AUTHENTICATED_ORIGIN + | |
13 window.location.pathname; | |
14 } else { | |
15 test(function () { | |
16 assert_equals(window.location.origin, get_host_info().AUTHENTICA TED_ORIGIN, "Sanity check the test runner."); | |
17 assert_true(window.isSecureContext); | |
18 }, "authenticated origin is secure."); | |
19 | |
20 async_test(function (t) { | |
21 var messages = 0; | |
22 window.addEventListener("message", t.step_func(function (e) { | |
23 if (e.origin == get_host_info().AUTHENTICATED_ORIGIN) | |
24 assert_true(e.data.isSecureContext); | |
25 if (e.origin == get_host_info().UNAUTHENTICATED_ORIGIN) | |
26 assert_false(e.data.isSecureContext); | |
27 messages++; | |
28 if (messages >= 2) | |
29 t.done(); | |
30 }), false); | |
31 | |
32 var i1 = document.createElement("iframe"); | |
33 i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/sec ureContexts/resources/post-securecontext-status.html"; | |
34 // This will almost certainly be blocked by the mixed content ch ecker, handle that case by incrementing the `messages` count. | |
35 i1.addEventListener("error", t.step_func(function (e) { | |
36 messages++; | |
37 if (messages >= 2) | |
38 t.done(); | |
39 }), false); | |
40 document.body.appendChild(i1); | |
41 | |
42 var i2 = document.createElement("iframe"); | |
43 i2.src = get_host_info().AUTHENTICATED_ORIGIN + "/security/secur eContexts/resources/post-securecontext-status.html"; | |
44 document.body.appendChild(i2); | |
45 }, "Frames are either secure or insecure (and blocked by mixed conte nt)."); | |
46 } | |
47 </script> | |
48 </body> | |
49 </html> | |
OLD | NEW |