| OLD | NEW |
|---|
| 1 <!DOCTYPE html> | 1 <!DOCTYPE html> |
| 2 <html> | 2 <html> |
| 3 <head> | 3 <head> |
| 4 <title>Authenticated origins are secure, both at top-level and in frames.</t
itle> | 4 <title>Authenticated origins are secure, both at top-level and in frames.</t
itle> |
| 5 <script src="/resources/testharness.js"></script> | 5 <script src="/resources/testharness.js"></script> |
| 6 <script src="/resources/testharnessreport.js"></script> | 6 <script src="/resources/testharnessreport.js"></script> |
| 7 <script src="/resources/get-host-info.js"></script> | 7 <script src="/resources/get-host-info.js"></script> |
| 8 </head> | 8 </head> |
| 9 <body> | 9 <body> |
| 10 <script> | 10 <script> |
| 11 if (window.testRunner) | 11 if (window.testRunner) |
| 12 testRunner.overridePreference("WebKitAllowRunningInsecureContent", t
rue); | 12 testRunner.overridePreference("WebKitAllowRunningInsecureContent", t
rue); |
| 13 | 13 |
| 14 if (window.location.origin != get_host_info().AUTHENTICATED_ORIGIN) { | 14 if (window.location.origin != get_host_info().AUTHENTICATED_ORIGIN) { |
| 15 window.location = get_host_info().AUTHENTICATED_ORIGIN + | 15 window.location = get_host_info().AUTHENTICATED_ORIGIN + |
| 16 window.location.pathname; | 16 window.location.pathname; |
| 17 } else { | 17 } else { |
| 18 test(function () { | 18 test(function () { |
| 19 assert_equals(window.location.origin, get_host_info().AUTHENTICA
TED_ORIGIN, "Sanity check the test runner."); | 19 assert_equals(window.location.origin, get_host_info().AUTHENTICA
TED_ORIGIN, "Sanity check the test runner."); |
| 20 assert_true(window.isSecureContext); | 20 assert_true(window.isSecureContext); |
| 21 }, "authenticated origin is secure at the top-level."); | 21 }, "authenticated origin is secure at the top-level."); |
| 22 | 22 |
| 23 async_test(function (t) { | 23 async_test(function (t) { |
| 24 var messages = 0; | 24 var messages = 0; |
| 25 window.addEventListener("message", t.step_func(function (e) { | 25 window.addEventListener("message", t.step_func(function (e) { |
| 26 if (e.origin == get_host_info().AUTHENTICATED_ORIGIN) | 26 if (e.origin == get_host_info().HTTPS_ORIGIN) |
| 27 assert_true(e.data.isSecureContext); | 27 assert_true(e.data.isSecureContext); |
| 28 if (e.origin == get_host_info().UNAUTHENTICATED_ORIGIN) | 28 if (e.origin == get_host_info().UNAUTHENTICATED_ORIGIN) |
| 29 assert_false(e.data.isSecureContext); | 29 assert_false(e.data.isSecureContext); |
| 30 messages++; | 30 messages++; |
| 31 if (messages >= 2) | 31 if (messages >= 2) |
| 32 t.done(); | 32 t.done(); |
| 33 }), false); | 33 }), false); |
| 34 | 34 |
| 35 var i1 = document.createElement("iframe"); | 35 var i1 = document.createElement("iframe"); |
| 36 i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/sec
ureContexts/resources/post-securecontext-status.html"; | 36 i1.src = get_host_info().UNAUTHENTICATED_ORIGIN + "/security/sec
ureContexts/resources/post-securecontext-status.html"; |
| 37 document.body.appendChild(i1); | 37 document.body.appendChild(i1); |
| 38 | 38 |
| 39 var i2 = document.createElement("iframe"); | 39 var i2 = document.createElement("iframe"); |
| 40 i2.src = get_host_info().AUTHENTICATED_ORIGIN + "/security/secur
eContexts/resources/post-securecontext-status.html"; | 40 i2.src = get_host_info().HTTPS_ORIGIN + "/security/secureContext
s/resources/post-securecontext-status.html"; |
| 41 document.body.appendChild(i2); | 41 document.body.appendChild(i2); |
| 42 }, "Frames are either secure or insecure."); | 42 }, "Frames are either secure or insecure."); |
| 43 } | 43 } |
| 44 </script> | 44 </script> |
| 45 </body> | 45 </body> |
| 46 </html> | 46 </html> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1723753002:
Make Document::isSecureContext() work for OOPIFs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master