Index: third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html b/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..b88da39225a5bfaf45db1401b7725bed0b1f7947 |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/http/tests/security/secureContexts/authenticated.html |
@@ -0,0 +1,49 @@ |
+<!DOCTYPE html> |
+<html> |
+<head> |
+ <title>Authenticated origins are secure, both at top-level and in frames.</title> |
+ <script src="/resources/testharness.js"></script> |
+ <script src="/resources/testharnessreport.js"></script> |
+ <script src="/resources/get-host-info.js"></script> |
+</head> |
+<body> |
+ <script> |
+ if (window.location.origin != get_host_info().AUTHENTICATED_ORIGIN) { |
+ window.location = get_host_info().AUTHENTICATED_ORIGIN + |
+ window.location.pathname; |
+ } else { |
+ test(function () { |
+ assert_equals(window.location.origin, get_host_info().AUTHENTICATED_ORIGIN, "Sanity check the test runner."); |
+ assert_true(window.isSecureContext); |
+ }, "authenticated origin is secure at the top-level."); |
+ |
+ async_test(function (t) { |
+ var messages = 0; |
+ window.addEventListener("message", t.step_func(function (e) { |
+ if (e.origin == get_host_info().AUTHENTICATED_ORIGIN) |
+ assert_true(e.data.isSecureContext); |
+ if (e.origin == get_host_info().UNAUTHENTICATED_ORIGIN) |
+ assert_false(e.data.isSecureContext); |
+ messages++; |
+ if (messages >= 2) |
+ t.done(); |
+ }), false); |
+ |
+ var i1 = document.createElement("iframe"); |
+ i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html"; |
+ // This will almost certainly be blocked by the mixed content checker, handle that case by incrementing the `messages` count. |
+ i1.addEventListener("error", t.step_func(function (e) { |
+ messages++; |
+ if (messages >= 2) |
+ t.done(); |
+ }), false); |
+ document.body.appendChild(i1); |
+ |
+ var i2 = document.createElement("iframe"); |
+ i2.src = get_host_info().AUTHENTICATED_ORIGIN + "/security/secureContexts/resources/post-securecontext-status.html"; |
+ document.body.appendChild(i2); |
+ }, "Frames are either secure or insecure (and blocked by mixed content)."); |
+ } |
+ </script> |
+</body> |
+</html> |