Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-05 13:40:08 +01:00
Code Issues Projects Releases Packages Wiki Activity

Fix Sec-Fetch-Site header

Browse source 
While working on #37209 I discovered that the header was computed
incorrectly. After carefully reading the specification, I realized
that the link in the spec was wrong and we were missing the fact
that for host-domains, we should operate on the registrable domain.

Additionally, the same-site call was missing the negation.

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This commit is contained in:
Tim van der Lippe 2025-06-05 21:17:39 +02:00
parent 6d99c09499
commit 62c1575e9c
36 changed files with 41 additions and 444 deletions
Download patch file Download diff file Expand all files Collapse all files

16
components/net/http_loader.rs
View file

@ -59,7 +59,7 @@ use net_traits::{
use profile_traits::mem::{Report, ReportKind};
use profile_traits::path;
use servo_arc::Arc;
use servo_url::{ImmutableOrigin, ServoUrl};
use servo_url::{Host, ImmutableOrigin, ServoUrl};
use tokio::sync::mpsc::{
Receiver as TokioReceiver, Sender as TokioSender, UnboundedReceiver, UnboundedSender, channel,
unbounded_channel,
@ -223,8 +223,11 @@ fn strict_origin_when_cross_origin(
strip_url_for_use_as_referrer(referrer_url, true)
}
/// <https://html.spec.whatwg.org/multipage/#concept-site-same-site>
/// <https://html.spec.whatwg.org/multipage/#same-site>
fn is_same_site(site_a: &ImmutableOrigin, site_b: &ImmutableOrigin) -> bool {
// First steps are for
// https://html.spec.whatwg.org/multipage/#concept-site-same-site
//
// Step 1. If A and B are the same opaque origin, then return true.
if !site_a.is_tuple() && !site_b.is_tuple() && site_a == site_b {
return true;
@ -244,7 +247,12 @@ fn is_same_site(site_a: &ImmutableOrigin, site_b: &ImmutableOrigin) -> bool {
}
// Step 4. If A's and B's host values are not equal, then return false.
if host_a != host_b {
// Includes the steps of https://html.spec.whatwg.org/multipage/#obtain-a-site
if let (Host::Domain(domain_a), Host::Domain(domain_b)) = (host_a, host_b) {
if reg_suffix(domain_a) != reg_suffix(domain_b) {
return false;
}
} else if host_a != host_b {
return false;
}
@ -2564,7 +2572,7 @@ fn set_the_sec_fetch_site_header(r: &mut Request) {
header = SecFetchSite::CrossSite;
// Step 5.3 If rs origin is not same site with urls origin, then break.
if is_same_site(request_origin, &url.origin()) {
if !is_same_site(request_origin, &url.origin()) {
break;
}

2
components/net/tests/http_loader.rs
View file

@ -329,7 +329,7 @@ fn test_request_and_response_data_with_network_messages() {
);
headers.insert(
HeaderName::from_static("sec-fetch-site"),
HeaderValue::from_static("same-site"),
HeaderValue::from_static("cross-site"),
);
headers.insert(
HeaderName::from_static("sec-fetch-user"),

6
tests/wpt/meta/fetch/metadata/fetch-preflight.https.sub.any.js.ini vendored
View file

@ -1,12 +1,6 @@
[fetch-preflight.https.sub.any.html]
[Cross-site fetch with preflight: sec-fetch-site]
expected: FAIL
[fetch-preflight.https.sub.any.worker.html]
[Cross-site fetch with preflight: sec-fetch-site]
expected: FAIL
[fetch-preflight.https.sub.any.serviceworker.html]
expected: ERROR

6
tests/wpt/meta/fetch/metadata/fetch.https.sub.any.js.ini vendored
View file

@ -1,12 +1,6 @@
[fetch.https.sub.any.html]
[Cross-site fetch: sec-fetch-site]
expected: FAIL
[fetch.https.sub.any.worker.html]
[Cross-site fetch: sec-fetch-site]
expected: FAIL
[fetch.https.sub.any.sharedworker.html]
expected: ERROR

3
tests/wpt/meta/fetch/metadata/generated/css-font-face.sub.tentative.html.ini vendored
View file

@ -49,6 +49,3 @@
[sec-fetch-storage-access - Not sent to non-trustworthy cross-site destination]
expected: FAIL
[sec-fetch-storage-access - Not sent to non-trustworthy same-site destination]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-a.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade - no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade - no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent) - no attributes]
expected: FAIL

24
tests/wpt/meta/fetch/metadata/generated/element-audio.https.sub.html.ini vendored
View file

@ -1,27 +1,3 @@
[element-audio.https.sub.html]
[sec-fetch-site - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-storage-access - Cross-site, no attributes]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-audio.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent), no attributes]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-iframe.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent)]
expected: FAIL

45
tests/wpt/meta/fetch/metadata/generated/element-img.https.sub.html.ini vendored
View file

@ -1,49 +1,4 @@
[element-img.https.sub.html]
[sec-fetch-site - src - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - src - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - src - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - src - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - src - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - src - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - src - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - srcset - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - src - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-storage-access - src - Cross-site, no attributes]
expected: FAIL

6
tests/wpt/meta/fetch/metadata/generated/element-img.sub.html.ini vendored
View file

@ -5,12 +5,6 @@
[sec-fetch-site - srcset - HTTPS upgrade, no attributes]
expected: FAIL
[sec-fetch-site - src - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - srcset - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - src - HTTPS downgrade (header not sent), no attributes]
expected: FAIL

21
tests/wpt/meta/fetch/metadata/generated/element-link-prefetch.https.optional.sub.html.ini vendored
View file

@ -1,25 +1,4 @@
[element-link-prefetch.https.optional.sub.html]
[sec-fetch-site - Cross-site no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site no attributes]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site no attributes]
expected: FAIL
[sec-fetch-dest attributes: as=audio]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-link-prefetch.optional.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent) no attributes]
expected: FAIL

27
tests/wpt/meta/fetch/metadata/generated/element-meta-refresh.https.optional.sub.html.ini vendored
View file

@ -5,29 +5,20 @@
[sec-fetch-site - Same site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-user]
expected: FAIL
[sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Same-Origin -> Same-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Same Origin]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-meta-refresh.optional.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent)]
expected: FAIL

63
tests/wpt/meta/fetch/metadata/generated/element-picture.https.sub.html.ini vendored
View file

@ -1,67 +1,4 @@
[element-picture.https.sub.html]
[sec-fetch-site - img[src\] - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-storage-access - img[src\] - Cross-site, no attributes]
expected: FAIL

9
tests/wpt/meta/fetch/metadata/generated/element-picture.sub.html.ini vendored
View file

@ -8,15 +8,6 @@
[sec-fetch-site - source[srcset\] - HTTPS upgrade, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - img[srcset\] - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - source[srcset\] - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - img[src\] - HTTPS downgrade (header not sent), no attributes]
expected: FAIL

48
tests/wpt/meta/fetch/metadata/generated/element-script.https.sub.html.ini vendored
View file

@ -1,45 +1,9 @@
[element-script.https.sub.html]
[sec-fetch-site - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - Cross-site, attributes: type=module]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect, attributes: type=module]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin, attributes: type=module]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site, attributes: type=module]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site, attributes: type=module]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site, attributes: type=module]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site, attributes: type=module]
expected: FAIL
[sec-fetch-storage-access - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect, attributes: type=module]
expected: FAIL
[sec-fetch-site - Same-Site -> Same Origin, attributes: type=module]
expected: FAIL

6
tests/wpt/meta/fetch/metadata/generated/element-script.sub.html.ini vendored
View file

@ -5,12 +5,6 @@
[sec-fetch-site - HTTPS upgrade, attributes: type=module]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, attributes: type=module]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent), no attributes]
expected: FAIL

24
tests/wpt/meta/fetch/metadata/generated/element-video.https.sub.html.ini vendored
View file

@ -1,27 +1,3 @@
[element-video.https.sub.html]
[sec-fetch-site - Cross-site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site, no attributes]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-storage-access - Cross-site, no attributes]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/element-video.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no attributes]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent), no attributes]
expected: FAIL

21
tests/wpt/meta/fetch/metadata/generated/fetch.https.sub.html.ini vendored
View file

@ -1,24 +1,3 @@
[fetch.https.sub.html]
[sec-fetch-site - Cross-site, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site, init: mode=no-cors]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site, init: mode=no-cors]
expected: FAIL
[sec-fetch-storage-access - Cross-site, init: mode=no-cors, credentials=include]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/fetch.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade, no init]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade, no init]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent), no init]
expected: FAIL

27
tests/wpt/meta/fetch/metadata/generated/header-refresh.https.optional.sub.html.ini vendored
View file

@ -5,29 +5,20 @@
[sec-fetch-site - Same site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-user]
expected: FAIL
[sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Same-Origin -> Same-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Same Origin]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/header-refresh.optional.sub.html.ini vendored
View file

@ -4,6 +4,3 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL

19
tests/wpt/meta/fetch/metadata/generated/script-module-import-dynamic.https.sub.html.ini vendored
View file

@ -1,21 +1,6 @@
[script-module-import-dynamic.https.sub.html]
[sec-fetch-site - Cross-site]
[sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site]
[sec-fetch-site - Same-Site -> Same Origin]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/script-module-import-dynamic.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent)]
expected: FAIL

19
tests/wpt/meta/fetch/metadata/generated/script-module-import-static.https.sub.html.ini vendored
View file

@ -1,21 +1,6 @@
[script-module-import-static.https.sub.html]
[sec-fetch-site - Cross-site]
[sec-fetch-site - Same-Origin -> Same-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site]
[sec-fetch-site - Same-Site -> Same Origin]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/script-module-import-static.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent)]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/serviceworker.https.sub.html.ini vendored
View file

@ -26,6 +26,3 @@
[sec-fetch-user - no options - updating]
expected: NOTRUN
[sec-fetch-site - Same origin, no options - registration]
expected: FAIL

12
tests/wpt/meta/fetch/metadata/generated/window-location.sub.html.ini vendored
View file

@ -11,18 +11,6 @@
[sec-fetch-site - HTTPS upgrade - location.replace]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade - location]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade - location.href]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade - location.assign]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade - location.replace]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent) - location]
expected: FAIL

21
tests/wpt/meta/fetch/metadata/generated/worker-dedicated-importscripts.https.sub.html.ini vendored
View file

@ -1,24 +1,3 @@
[worker-dedicated-importscripts.https.sub.html]
[sec-fetch-site - Cross-site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site -> Same-Origin redirect]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same Origin]
expected: FAIL
[sec-fetch-site - Cross-Site -> Same-Site]
expected: FAIL
[sec-fetch-site - Cross-Site -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Origin -> Cross-Site]
expected: FAIL
[sec-fetch-site - Same-Site -> Cross-Site]
expected: FAIL
[sec-fetch-storage-access - Cross-site]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/generated/worker-dedicated-importscripts.sub.html.ini vendored
View file

@ -2,8 +2,5 @@
[sec-fetch-site - HTTPS upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade-upgrade]
expected: FAIL
[sec-fetch-site - HTTPS downgrade (header not sent)]
expected: FAIL

18
tests/wpt/meta/fetch/metadata/preload.https.sub.html.ini vendored
View file

@ -1,25 +1,7 @@
[preload.https.sub.html]
[preload fetch www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload image www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload style www.not-web-platform.test:8443: sec-fetch-dest]
expected: FAIL
[preload style www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload font www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload script www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload track www.not-web-platform.test:8443: sec-fetch-site]
expected: FAIL
[preload style www.web-platform.test:8443: sec-fetch-dest]
expected: FAIL

3
tests/wpt/meta/fetch/metadata/redirect/multiple-redirect-https-downgrade-upgrade.sub.html.ini vendored
View file

@ -21,9 +21,6 @@
[Https downgrade-upgrade script => No headers: sec-fetch-mode]
expected: FAIL
[Https downgrade-upgrade top level navigation: sec-fetch-site]
expected: FAIL
[Https downgrade-upgrade stylesheet]
expected: NOTRUN

3
tests/wpt/meta/fetch/metadata/style.https.sub.html.ini vendored
View file

@ -1,3 +0,0 @@
[style.https.sub.html]
[Cross-Site style: sec-fetch-site]
expected: FAIL