Index: third_party/WebKit/LayoutTests/http/tests/security/mixedContent/insecure-localhost-allowed.https.html |
diff --git a/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/insecure-localhost-allowed.https.html b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/insecure-localhost-allowed.https.html |
new file mode 100644 |
index 0000000000000000000000000000000000000000..82e002bdade9799224a5fc3ed32c67e16c67fc3f |
--- /dev/null |
+++ b/third_party/WebKit/LayoutTests/http/tests/security/mixedContent/insecure-localhost-allowed.https.html |
@@ -0,0 +1,24 @@ |
+<!DOCTYPE html> |
+<html> |
+<body> |
+ <script src="/resources/testharness.js"></script> |
+ <script src="/resources/testharnessreport.js"></script> |
+ <script> |
+ if (window.testRunner) |
+ testRunner.overridePreference("WebKitAllowRunningInsecureContent", false); |
+ |
+ async_test(t => { |
+ fetch("http://127.0.0.1:8000/xmlhttprequest/resources/access-control-allow-lists.php?origin=*", {method: "POST"}) |
+ .then(t.step_func(r => r.json())) |
+ .then(t.step_func_done(j => assert_equals("127.0.0.1:8000", j.host))) |
+ .catch(t.unreached_func("Fetch should not be blocked.")); |
+ }, "Fetching 'http://127.0.0.1/' should not be blocked."); |
+ |
+ async_test(t => { |
+ fetch("http://example.test:8000/xmlhttprequest/resources/access-control-allow-lists.php?origin=*", {method: "POST"}) |
+ .then(t.unreached_func("Fetch should be blocked.")) |
+ .catch(t.step_func_done(e => assert_equals(e.message, "Failed to fetch"))); |
+ }, "Fetching 'http://example.test/' should be blocked."); |
+ </script> |
+</body> |
+</html> |