Apply strict blocking of active mixed content in HTTPS subframes only

third_party/WebKit/LayoutTests/http/tests/security/mixedContent/active-subresource-in-http-iframe-not-blocked.https.html

Index: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/active-subresource-in-http-iframe-not-blocked.https.html
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/active-subresource-in-http-iframe-not-blocked.https.html b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/active-subresource-in-http-iframe-not-blocked.https.html
new file mode 100644
index 0000000000000000000000000000000000000000..4e77901c067ff8658f0fbc6479fe0f99b0d813b5
--- /dev/null
+++ b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/active-subresource-in-http-iframe-not-blocked.https.html
@@ -0,0 +1,25 @@
+<!doctype html>
+<html>
+<head>
+    <script src="/resources/testharness.js"></script>
+    <script src="/resources/testharnessreport.js"></script>
+
+    <script>
+        if (window.testRunner) {
+          // This test checks that active mixed subresources in iframes
+          // are allowed if the iframe itself was allowed as mixed content.
+          testRunner.setAllowRunningOfInsecureContent(true);
+          testRunner.dumpAsText();
+        }
+
+        var t = async_test("Testing an insecure script in a mixed iframe");
+        window.addEventListener("message", t.step_func(function () {
+            t.done();
+        }));
+    </script>
+</head>
+<body>
+    <p>This test passes if the active subresource in the frame below is allowed.</p>
+    <iframe src="http://127.0.0.1:8000/security/mixedContent/resources/frame-loads-insecure-script.html"></iframe>
+</body>
+</html>