Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(144)

Unified Diff: LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html

Issue 311033003: Implementing mixed content for forms posting to insecure location from secure ones (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Fixed the error when action attribute is empty. Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html
diff --git a/LayoutTests/http/tests/security/mixedContent/insecure-image-in-main-frame-allowed.html b/LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html
similarity index 61%
copy from LayoutTests/http/tests/security/mixedContent/insecure-image-in-main-frame-allowed.html
copy to LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html
index 88175fa3cbc5f39b891ce60a081c06049f8e3a31..6929f3bddbbd0e26e9a3a1e936d0be5405c2448a 100644
--- a/LayoutTests/http/tests/security/mixedContent/insecure-image-in-main-frame-allowed.html
+++ b/LayoutTests/http/tests/security/mixedContent/insecure-formSubmission-in-main-frame-allowed.html
@@ -12,15 +12,14 @@ if (window.testRunner) {
window.addEventListener("message", function (e) {
if (window.testRunner)
- testRunner.notifyDone();
+ testRunner.notifyDone();
}, false);
</script>
-<p>This test opens a window that loads an insecure image. We should trigger
-a mixed content callback even though we've set the preference to block this,
-because we've overriden the preference via a web permission client callback.</p>
+<p>This test opens a window that shows a form with "action" pointing to insecure
+location. We should trigger a mixed content callback even though we've set the preference to block this, because we've overriden the preferences via a web permission client callback.</p>
<script>
-window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-image.html");
+window.open("https://127.0.0.1:8443/security/mixedContent/resources/frame-with-insecure-formSubmission.html");
</script>
</body>
</html>

Powered by Google App Engine
This is Rietveld 408576698