Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-06 22:15:33 +01:00
Code Issues Projects Releases Packages Wiki Activity

Add support for Upgrade request to a potentially trustworthy URL. (#34986)

Browse source 
* Add support for Upgrade request to a potentially trustworthy URL.

Signed-off-by: Shubham Gupta <shubham13297@gmail.com>

* script: Support inheritable insecure request policy in documents and workers.

Signed-off-by: Josh Matthews <josh@joshmatthews.net>

---------

Signed-off-by: Shubham Gupta <shubham13297@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Shubham Gupta <shubham.gupta@chromium.org>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This commit is contained in:
Shubham Gupta 2025-02-05 20:49:56 +08:00 committed by GitHub
parent 7b36f2beb3
commit 1e164738d8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
57 changed files with 264 additions and 346 deletions
Download patch file Download diff file Expand all files Collapse all files

18
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/fetch.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[fetch.https.html]
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/img-tag.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[img-tag.https.html]
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/worker-classic.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-classic.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/worker-module.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-module.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/iframe-blank-inherit.meta/upgrade/xhr.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[xhr.https.html]
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/fetch.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[fetch.https.html]
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/img-tag.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[img-tag.https.html]
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/worker-classic.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-classic.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/worker-module.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-module.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/srcdoc-inherit.meta/upgrade/xhr.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[xhr.https.html]
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.http-rp/upgrade/fetch.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[fetch.https.html]
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.http-rp/upgrade/img-tag.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[img-tag.https.html]
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/top.http-rp/upgrade/worker-classic.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-classic.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/top.http-rp/upgrade/worker-module.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-module.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.http-rp/upgrade/xhr.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[xhr.https.html]
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.meta/upgrade/fetch.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[fetch.https.html]
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.meta/upgrade/img-tag.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[img-tag.https.html]
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for img-tag to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/top.meta/upgrade/worker-classic.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-classic.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-classic to same-https origin and downgrade redirection from https context.]
expected: FAIL

9
tests/wpt/meta/upgrade-insecure-requests/gen/top.meta/upgrade/worker-module.https.html.ini vendored
View file

@ -1,9 +0,0 @@
[worker-module.https.html]
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for worker-module to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/top.meta/upgrade/xhr.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[xhr.https.html]
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/worker-classic-data.meta/upgrade/fetch.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[fetch.https.html]
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for fetch to same-https origin and downgrade redirection from https context.]
expected: FAIL

18
tests/wpt/meta/upgrade-insecure-requests/gen/worker-classic-data.meta/upgrade/xhr.https.html.ini vendored
View file

@ -1,18 +0,0 @@
[xhr.https.html]
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to cross-https origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and downgrade redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-http-downgrade origin and no-redirect redirection from https context.]
expected: FAIL
[Upgrade-Insecure-Requests: Expects allowed for xhr to same-https origin and downgrade redirection from https context.]
expected: FAIL