Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(241)

Side by Side Diff: LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-blocked.html

Issue 311033003: Implementing mixed content for forms posting to insecure location from secure ones (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Fixed the error when action attribute is empty. Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 <html> 1 <html>
2 <body> 2 <body>
3 <script> 3 <script>
4 if (window.testRunner) { 4 if (window.testRunner) {
5 testRunner.waitUntilDone(); 5 testRunner.waitUntilDone();
6 testRunner.dumpAsText(); 6 testRunner.dumpAsText();
7 testRunner.setCanOpenWindows(); 7 testRunner.setCanOpenWindows();
8 testRunner.setCloseRemainingWindowsWhenComplete(true); 8 testRunner.setCloseRemainingWindowsWhenComplete(true);
9 testRunner.overridePreference("WebKitAllowDisplayingInsecureContent", false) ; 9 testRunner.overridePreference("WebKitAllowDisplayingInsecureContent", false) ;
10 testRunner.setAllowDisplayOfInsecureContent(true);
11 } 10 }
12 11
13 window.addEventListener("message", function (e) { 12 window.addEventListener("message", function (e) {
14 if (window.testRunner) 13 if (window.testRunner)
15 testRunner.notifyDone(); 14 testRunner.notifyDone();
16 }, false); 15 }, false);
17 16
18 </script> 17 </script>
19 <p>This test opens a window that loads an insecure image. We should trigger 18 <p>This test opens a window that shows a form with "action" pointing to an insec ure
20 a mixed content callback even though we've set the preference to block this, 19 location. We should not trigger a mixed content callback even though the main fr ame in the window is HTTPS and the form is pointing to insecure content, because we've set the preference to block this.</p>
21 because we've overriden the preference via a web permission client callback.</p>
22 <script> 20 <script>
23 window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-i nsecure-image.html"); 21 window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-i nsecure-formSubmission.html");
24 </script> 22 </script>
25 </body> 23 </body>
26 </html> 24 </html>
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698