Implement 'window.isSecureContext'.

third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html

Index: third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html b/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html
new file mode 100644
index 0000000000000000000000000000000000000000..e8242b7542c6d081b7e710c7073991a17b1e5146
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html
@@ -0,0 +1,49 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Unauthenticated origin is insecure</title>

[philipj_slow, 2015/09/28 12:17:56]

The first actual assertion amounts to "authenticated origin is secure". It looks
like this is testing top-level secure contexts, as well as insecure and insecure
contexts in iframes. A more descriptive title would be nice, and if that's too
hard perhaps the test can be split?

[Mike West, 2015/09/28 13:28:02]

Clarified the test name and title. Thanks!

+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+    <script src="/resources/get-host-info.js"></script>
+</head>
+<body>
+    <script>
+        if (window.location.origin != get_host_info().AUTHENTICATED_ORIGIN) {
+            window.location = get_host_info().AUTHENTICATED_ORIGIN +
+                              window.location.pathname;
+        } else {
+            test(function () {
+                assert_equals(window.location.origin, get_host_info().AUTHENTICATED_ORIGIN, "Sanity check the test runner.");
+                assert_true(window.isSecureContext);
+            }, "authenticated origin is secure.");
+
+            async_test(function (t) {
+                var messages = 0;
+                window.addEventListener("message", t.step_func(function (e) {
+                    if (e.origin == get_host_info().AUTHENTICATED_ORIGIN)
+                        assert_true(e.data.isSecureContext);
+                    if (e.origin == get_host_info().UNAUTHENTICATED_ORIGIN)
+                        assert_false(e.data.isSecureContext);
+                    messages++;
+                    if (messages >= 2)
+                        t.done();
+                }), false);
+
+                var i1 = document.createElement("iframe");
+                i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html";
+                // This will almost certainly be blocked by the mixed content checker, handle that case by incrementing the `messages` count.
+                i1.addEventListener("error", t.step_func(function (e) {
+                    messages++;
+                    if (messages >= 2)
+                        t.done();
+                }), false);
+                document.body.appendChild(i1);
+
+                var i2 = document.createElement("iframe");
+                i2.src = get_host_info().AUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html";
+                document.body.appendChild(i2);
+            }, "Frames are either secure or insecure (and blocked by mixed content).");
+        }
+    </script>
+</body>
+</html>