mirror of
https://github.com/servo/servo.git
synced 2025-08-03 20:50:07 +01:00
Add support for Upgrade request to a potentially trustworthy URL. (#34986)
* Add support for Upgrade request to a potentially trustworthy URL. Signed-off-by: Shubham Gupta <shubham13297@gmail.com> * script: Support inheritable insecure request policy in documents and workers. Signed-off-by: Josh Matthews <josh@joshmatthews.net> --------- Signed-off-by: Shubham Gupta <shubham13297@gmail.com> Signed-off-by: Josh Matthews <josh@joshmatthews.net> Co-authored-by: Shubham Gupta <shubham.gupta@chromium.org> Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This commit is contained in:
parent
7b36f2beb3
commit
1e164738d8
57 changed files with 264 additions and 346 deletions
|
@ -1,18 +0,0 @@
|
|||
[fetch.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[img-tag.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-classic.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-module.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[xhr.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[fetch.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[img-tag.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-classic.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-module.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[xhr.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[fetch.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[img-tag.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-classic.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-module.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[xhr.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[fetch.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[img-tag.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-classic.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,9 +0,0 @@
|
|||
[worker-module.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[xhr.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[fetch.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
|
@ -1,18 +0,0 @@
|
|||
[xhr.https.html]
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
|
||||
expected: FAIL
|
||||
|
||||
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
|
||||
expected: FAIL
|
Loading…
Add table
Add a link
Reference in a new issue